CVE-2026-2072 PUBLISHED

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

Assigner: Hitachi
Reserved: 06.02.2026 Published: 25.03.2026 Updated: 25.03.2026

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (Analytics probe component), Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
CVSS Score: 8.2

Product Status

Vendor Hitachi
Product Hitachi Infrastructure Analytics Advisor
Versions Default: unaffected
  • affected from 0 to * (excl.)
Vendor Hitachi
Product Hitachi Ops Center Analyzer
Versions Default: unaffected
  • affected from 10.0.0-00 to 11.0.5-00 (excl.)

References

Problem Types

  • CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') CWE

Impacts

  • CAPEC-63 Cross-Site Scripting (XSS)