Description
Open Redirect vulnerability in Hitachi Ops Center Administrator.This issue affects Hitachi Ops Center Administrator: from 10.2.0 before 11.0.8.
Published: 2026-03-25
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Open Redirect for Potential Phishing
Action: Apply Patch
AI Analysis

Impact

The vulnerability is an improper validation of user‑supplied URLs that allows an attacker to craft a link which, when followed by a user, redirects them to an arbitrary external location. This open redirect can be used for phishing campaigns or to trick users into visiting malicious sites, potentially compromising credentials or delivering malware. The weakness is a classic input validation defect classified as CWE‑601.

Affected Systems

The affected product is Hitachi Ops Center Administrator. Versions from 10.2.0 up to but not including 11.0.8 are vulnerable. No other vendors or products are listed in the CNA data.

Risk and Exploitability

The CVSS score of 4.3 indicates moderate severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no widespread exploitation yet. The likely attack path requires an attacker to embed a malicious URL into the application or deliver it through a phishing email. Successful exploitation hinges on user interaction – the user must click the manipulated link. Once redirected, the user may be exposed to phishing or other malicious content. Given the moderate score and user interaction requirement, the risk is considered moderate but should be mitigated promptly.

Generated by OpenCVE AI on March 25, 2026 at 03:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Hitachi Ops Center Administrator to version 11.0.8 or later

Generated by OpenCVE AI on March 25, 2026 at 03:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Hitachi
Hitachi ops Center Administrator
Vendors & Products Hitachi
Hitachi ops Center Administrator

Wed, 25 Mar 2026 02:45:00 +0000

Type Values Removed Values Added
Description Open Redirect vulnerability in Hitachi Ops Center Administrator.This issue affects Hitachi Ops Center Administrator: from 10.2.0 before 11.0.8.
Title Open Redirect Vulnerability in Hitachi Ops Center Administrator
Weaknesses CWE-601
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}

Subscriptions

Hitachi Ops Center Administrator
cve-icon MITRE

Status: PUBLISHED

Assigner: Hitachi

Published:

Updated: 2026-03-25T13:30:24.956Z

Reserved: 2026-01-19T05:00:10.434Z

Link: CVE-2026-1166

cve-icon Vulnrichment

Updated: 2026-03-25T13:30:21.394Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-25T03:16:05.643

Modified: 2026-03-25T15:41:33.977

Link: CVE-2026-1166

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T21:15:59Z

Weaknesses