Yusuke Sakai

**Name of the Vulnerable Software and Affected Versions** Powered BLUE 870 versions 0.20130927 and prior **Description** Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection issue. Successful exploitation of this issue may allow arbitrary OS commands to be executed on the affected product. **Recommendations** Update to a version of Powered BLUE 870 later than 0.20130927.

**Name of the Vulnerable Software and Affected Versions** NEC EXPRESSCLUSTER X versions through 3.3 11.31 on Windows NEC EXPRESSCLUSTER X versions through 3.3 3.3.1-1 on Linux and Solaris **Description** A directory traversal issue in WebManager allows remote attackers to read arbitrary files via unspecified vectors. **Recommendations** For NEC EXPRESSCLUSTER X versions through 3.3 11.31 on Windows, update to a version that addresses this issue. For NEC EXPRESSCLUSTER X versions through 3.3 3.3.1-1 on Linux and Solaris, update to a version that addresses this issue.