CVE-2025-0976 PUBLISHED

Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager

Assigner: Hitachi
Reserved: 03.02.2025 Published: 25.02.2026 Updated: 25.02.2026

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS Score: 4.7

Attack Vector	Local	Scope	Unchanged
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	None
User Interaction	None	Availability Impact	None

CVSS 3.1

Product Status

Vendor	Hitachi
Product	Hitachi Ops Center API Configuration Manager
Versions	Default: unaffected affected from 10.0.0-00 to 11.0.4-00 (excl.)

Vendor	Hitachi
Product	Hitachi Configuration Manager
Versions	Default: unaffected affected from 8.6.1-00 to 11.0.5-00 (excl.)

References

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-110/index.html

Problem Types

CWE-532 Insertion of Sensitive Information into Log File CWE

Impacts

CAPEC-569 Collect Data as Provided by Users