What is CVE-2022-41552?

CVE-2022-41552 is a critical-severity vulnerability in Hitachi Infrastructure Analytics Advisor, classified under Server-Side Request Forgery (SSRF). CVSS score: 9.8/10. Published 2022-11-01.

How severe is CVE-2022-41552?

Critical severity. CVSS v3 base score is 9.8 out of 10.

SSRF in Hitachi Infrastructure Analytics Advisor

CVE-2022-41552

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitac…

Vulnerability class: SSRF (Server-Side Request Forgery)

EPSS: 0.004 (61.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Hitachi Infrastructure Analytics Advisor — versions 2.0.0-00
Hitachi Ops Center Analyzer — versions 10.0.0-00

Weakness classification (CWE)

CWE-918 — Server-Side Request Forgery (SSRF)

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/in… (vendor-advisory)

Frequently asked questions

What is CVE-2022-41552?: CVE-2022-41552 is a critical-severity vulnerability in Hitachi Infrastructure Analytics Advisor, classified under Server-Side Request Forgery (SSRF). CVSS score: 9.8/10. Published 2022-11-01.
How severe is CVE-2022-41552?: Critical severity. CVSS v3 base score is 9.8 out of 10.