Kazuki Hirota

**Name of the Vulnerable Software and Affected Versions** Hitachi JP1/Extensible SNMP Agent for Windows versions 11-00 through 11-00-*, versions 12-00 through 12-00 before 12-00-01 Hitachi JP1/Extensible SNMP Agent versions 09-00 through 09-00-04, versions 10-00 through 10-00-02, versions 10-10 through 10-10-01 Hitachi Job Management Partner1/Extensible SNMP Agent versions 09-00 through 09-00-04, versions 10-00 through 10-00-02, versions 10-10 through 10-10-01 **Description** The issue affects the default permissions in the Hitachi JP1/Extensible SNMP Agent, allowing file manipulation. **Recommendations** For Hitachi JP1/Extensible SNMP Agent for Windows versions 11-00 through 11-00-* and versions 12-00 through 12-00 before 12-00-01, update to version 12-00-01 or later. For Hitachi JP1/Extensible SNMP Agent versions 09-00 through 09-00-04, update to version 09-00-05 or later. For Hitachi JP1/Extensible SNMP Agent versions 10-00 through 10-00-02, update to version 10-00-03 or later. For Hitachi JP1/Extensible SNMP Agent versions 10-10 through 10-10-01, update to version 10-10-02 or later. For Hitachi Job Management Partner1/Extensible SNMP Agent versions 09-00 through 09-00-04, update to version 09-00-05 or later. For Hitachi Job Management Partner1/Extensible SNMP Agent versions 10-00 through 10-00-02, update to version 10-00-03 or later. For Hitachi Job Management Partner1/Extensible SNMP Agent versions 10-10 through 10-10-01, update to version 10-10-02 or later.

**Name of the Vulnerable Software and Affected Versions** acmailer versions prior to 3.8.17 acmailer versions 3.9.x prior to 3.9.10 Beta **Description** The issue allows remote attackers to hijack the authentication of arbitrary users for requests that modify or delete data. This can be demonstrated by modifying data that affects authorization. **Recommendations** For acmailer versions prior to 3.8.17, update to version 3.8.17 or later. For acmailer versions 3.9.x prior to 3.9.10 Beta, update to version 3.9.10 Beta or later.

**Name of the Vulnerable Software and Affected Versions** I-O DATA DEVICE HDL-A and HDL2-A devices versions 1.07 and earlier **Description** The issue allows remote attackers to obtain sensitive information or modify data due to improper session management. **Recommendations** For I-O DATA DEVICE HDL-A and HDL2-A devices versions 1.07 and earlier, update the firmware to a version later than 1.07 to resolve the issue.