Skip to Main Content

Hitachi Logo
earth icon
    mail icon Contact Us
    Hitachi Global
    Hitachi Global

    Hitachi Security Advisories

    In this web site, HIRT publishes integrated security advisories related to information systems of Hitachi group in order positively to comply with "Information Security Early Warning Partnership Guideline".

     

    • Vulnerabiliy handling related to information systems

      Advisories for vulnerabilities related to Hitachi products and solutions to solve and avoid problems caused by vulnerabilities. Please refer to HIRT-PUB10008: Hitachi Vulnerabirity Disclosure Process which describes detailed process of vulnerability information disclosure for product development related to information system.

       

    • Incident handling related to information systems

      Advisories for avoidance of attacks occurring actually and for solutions of security problems.

     

    Hitachi group intends to mitigate damages caused by vulnerabilities and/or malwares through appropriate disclosure policy, and to fix the damages once an incident occurs.

    Security Advisories with the Use of JVNRSS

    JVNRSS is an XML format for outline description of vulnerability intelligence which is adopted by JVN (JapanVulnerabirity Notes) which IPA (Information-technology Promotion Agency, Japan) and JPCERT/CC jointly operate.

     

    HIRT dispatches security intelligence based on JVNRSS 2.0 format in order to actively comply with "Trial of automated collection of vulnerability intelligence dispatched by product developer" which has been tested by IPA.

     

    Hitachi Security Information
    https://www.hitachi.com/ja-jp/hirt/security/ RSS

     

    IT Platform R&D Management Division Security Vulnerability Information
    https://www.hitachi.com/products/it/software/security/info/ RSS

     

    Vulnerability Report to JVN (Japan Vulnerability Notes)

    HIRT is positively promoting activities to comply with JVN (JapanVulnerabirity Notes ) co-operated by IPA (Information-technology Promotion Agency, Japan) and JPCERT/CC.
    Also, HIRT reports to JVN on vulnerability reporting framework. , which may affect other companies' products, based on Information Security Early Warning Partnership Guideline.

     

    February 10, 2014

    JVN#14876762 Apache Commons FileUpload vulnerable to denial-of-service (DoS)

    August 19, 2011

    JVN#06924191 Microsoft Windows XP vulnerable to denial-of-service (DoS)

    October 12, 2010

    JVN#82752978 Lhaplus may insecurely load dynamic libraries

    December 13, 2007

    JVN#80057925 Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"

    September 30, 2005

    JVN#79314822 Tomcat vulnerable in request processing

    March 14, 2005

    JVN#DD18AD07 Apache Tomcat denial of service vulnerability

    January 11, 2005

    JVN#1BF8D7AA LDAP server update function vulnerable to buffer overflow

    December 15, 2004

    JVN#904429FE Namazu cross-site scripting vulnerability

    Hitachi Group Links

    Hitachi Industrial Equipment Systems (Japanese)

     

    Hitachi Solutions (Japanese)

     

    Hitachi Systems (Japanese)

     

    SecureBrain

     

    Hitachi Vantara

     

    Hitachi Energy

     

    Hitachi Systems Security