CVE-2023-49106

Name of the Vulnerable Software and Affected Versions Hitachi Device Manager versions prior to 8.8.5-04

Description The issue is related to insufficient protection of password input fields in the Device Manager Agent component of the Hitachi Device Manager system. This could allow a remote attacker to gain unauthorized access to protected information. The vulnerability is described as a Missing Password Field Masking issue.

Recommendations For versions prior to 8.8.5-04, update to version 8.8.5-04 or later to resolve the issue. As a temporary workaround, consider restricting access to the Device Manager Agent component until a patch is applied. Avoid using unsecured password input fields in the affected component until the issue is resolved.