| CVE-2021-40342 | Use of default key for encryption | Hitachi Energy | FOXMAN-UN | High | 7.1 | 2023-01-05 21:27:03 | Deep Dive |
| CVE-2021-40341 | Weak DES encryption | Hitachi Energy | FOXMAN-UN | High | 7.1 | 2023-01-05 21:26:43 | Deep Dive |
| CVE-2022-34881 | Information Exposure Vulnerability in JP1/Automatic Operation | Hitachi | JP1/Automatic Operation | Low | 3.3 | 2022-12-06 01:30:56 | Deep Dive |
| CVE-2022-2513 | Cleartext Credentials Vulnerability on Hitachi Energy’s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products | Hitachi Energy | PCM600 | High | 7.1 | 2022-11-22 10:30:34 | Deep Dive |
| CVE-2022-3388 | Input Validation Vulnerability in Hitachi Energy’s MicroSCADA Pro/X SYS600 Products | Hitachi Energy | MicroSCADA Pro SYS600 | High | 8.8 | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2021-45448 | Pentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds. | Hitachi Vantara | Pentaho Business Analytics Server | High | 7.1 | 2022-11-02 15:12:25 | Deep Dive |
| CVE-2021-45447 | Pentaho Business Analytics Server - With the Data Lineage feature enabled, the system transmits database passwords in clear text | Hitachi Vantara | Pentaho Business Analytics Server | High | 7.7 | 2022-11-02 14:56:02 | Deep Dive |
| CVE-2021-45446 | Pentaho Business Analytics Server - Exposure of Information Through Directory Listing | Hitachi Vantara | Pentaho Business Analytics Server | Medium | 5.0 | 2022-11-02 14:26:02 | Deep Dive |
| CVE-2022-41553 | Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer | Hitachi | Hitachi Infrastructure Analytics Advisor | Medium | 6.5 | 2022-11-01 02:11:01 | Deep Dive |
| CVE-2022-41552 | Server-Side Request Forgery Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer | Hitachi | Hitachi Infrastructure Analytics Advisor | Critical | 9.8 | 2022-11-01 02:10:23 | Deep Dive |
| CVE-2022-3191 | Information Exposure Vulnerability in Hitachi Ops Center Analyzer | Hitachi | Hitachi Ops Center Analyzer | Medium | 6.6 | 2022-11-01 02:09:14 | Deep Dive |
| CVE-2020-36605 | File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint | Hitachi | Hitachi Infrastructure Analytics Advisor | Medium | 6.6 | 2022-11-01 02:07:14 | Deep Dive |
| CVE-2022-2637 | Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter | Hitachi | Hitachi Storage Plug-in for VMware vCenter | Medium | 5.4 | 2022-10-06 00:00:00 | Deep Dive |
| CVE-2021-28052 | Hitachi Content Platform Information Disclosure Vulnerability | Hitachi Vantara | Hitachi Content Platform | High | 7.5 | 2022-09-26 15:10:26 | Deep Dive |
| CVE-2022-29492 | A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ... | Hitachi Energy | MicroSCADA X SYS600 | Medium | 5.3 | 2022-09-14 17:07:31 | Deep Dive |
| CVE-2022-1778 | A vulnerability exists during the start of the affected SYS600, where an input validation flaw causes a buffer-overflow while reading a specific configuration file. Subsequently SYS600 will fail to start. The configuration file can only be accessed by ... | Hitachi Energy | MicroSCADA X SYS600 | High | 7.5 | 2022-09-14 17:05:37 | Deep Dive |
| CVE-2022-29922 | A vulnerability exists in the handling of a specially crafted IEC 61850 packet with a valid data item but with incorrect data type in the IEC 61850 OPC Server. The vulnerability may cause a denial-of-service on the IEC 61850 OPC Server part of the SYS ... | Hitachi Energy | MicroSCADA X SYS600 | High | 7.5 | 2022-09-14 17:03:34 | Deep Dive |
| CVE-2022-2277 | A vulnerability exists in the ICCP stack of the affected SYS600 versions due to validation flaw in the process that establishes the ICCP communication. The validation flaw will cause a denial-of-service when ICCP of SYS600 is request to forward any da ... | Hitachi Energy | MicroSCADA X SYS600 | High | 7.5 | 2022-09-14 17:02:01 | Deep Dive |
| CVE-2022-29490 | A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. | Hitachi Energy | MicroSCADA X SYS600 | High | 8.5 | 2022-09-12 19:24:04 | Deep Dive |
| CVE-2022-34883 | OS Command Injection Vulnerability in RAID Manager Storage Replication Adapter | Hitachi | RAID Manager Storage Replication Adapter | High | 7.2 | 2022-09-06 06:30:15 | Deep Dive |