CVE-2025-5781 MEDIUM

CVE-2025-5781: Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager

Vendor Hitachi
Product Hitachi Ops Center API Configuration Manager
Weakness CWE-532 · Sensitive info in logs
Published February 25, 2026
Last update February 26, 2026

CVSS base score

5.2/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.5-00; Hitachi Configuration Manager: from 8.5.1-00 before 11.0.5-00; Hitachi Device Manager: from 8.4.1-00 before 8.6.5-00.

Key dates

02Disclosure timeline

February 25, 2026 CVE published
February 26, 2026 Record updated