CVE-2025-5781

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-5781

CWE

https://cwe.mitre.org/data/definitions/532.html

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.5-00; Hitachi Configuration Manager: from 8.5.1-00 before 11.0.5-00; Hitachi Device Manager: from 8.4.1-00 before 8.6.5-00.

Weakness

The product writes sensitive information to a log file.

Affected Software

Name	Vendor	Start Version	End Version
Configuration_manager	Hitachi	8.5.1-00 (including)	*
Configuration_manager	Hitachi	8.5.1-00 (including)	11.0.5-00 (excluding)
Device_manager	Hitachi	8.4.1-00 (including)	8.6.5-00 (excluding)
Ops_center_api_configuration_manager	Hitachi	10.0.0-00 (including)	11.0.5-00 (excluding)

Potential Mitigations

https://cwe.mitre.org/data/definitions/215.html

References

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-111/index.html

Insertion of Sensitive Information into Log File

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References