8.6

CVE-2022-4895

Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00.

Data is provided by the National Vulnerability Database (NVD)
HitachiInfrastructure Analytics Advisor Version >= 2.0.0-00 < 10.9.1-00
   LinuxLinux Kernel Version- HwPlatformx64
HitachiOps Center Analyzer Version >= 10.0.0-00 < 10.9.1-00
   LinuxLinux Kernel Version- HwPlatformx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.06% 0.158
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
hirt@hitachi.co.jp 8.6 3.9 4.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.