CVE-2022-4895

Name of the Vulnerable Software and Affected Versions Hitachi Infrastructure Analytics Advisor versions 2.0.0-00 through 4.4.0-00 Hitachi Ops Center Analyzer versions 10.0.0-00 through 10.9.0-00

Description The issue is related to improper certificate validation, which allows a Man in the Middle Attack. This can be exploited by a remote attacker. The vulnerability affects the Analytics probe component of Hitachi Infrastructure Analytics Advisor and the Analyzer probe component of Hitachi Ops Center Analyzer.

Recommendations For Hitachi Infrastructure Analytics Advisor versions 2.0.0-00 through 4.4.0-00, update to a version after 4.4.0-00. For Hitachi Ops Center Analyzer versions 10.0.0-00 through 10.9.0-00, update to version 10.9.1-00 or later. As a temporary workaround, consider disabling the vulnerable components until a patch is available. Restrict access to the affected components to minimize the risk of exploitation.