CVE-2025-2514— Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage Platform
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-2514
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage Platform
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28. This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
过多认证尝试的限制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Hitachi Virtual Storage Platform和Hitachi Virtual Storage Platform One Block 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Hitachi Virtual Storage Platform和Hitachi Virtual Storage Platform One Block都是日本日立制作所(Hitachi)公司的产品。Hitachi Virtual Storage Platform是一系列用于数据中心的计算机数据存储系统。Hitachi Virtual Storage Platform One Block是一款高性能块存储系统设备。 Hitachi Virtual Storage Platform和Hitachi Virtu
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 ~ DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00 | - | |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 ~ DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00 | - | |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 ~ DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00 | - |
II. Public POCs for CVE-2025-2514
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-2514
请登录查看更多情报信息。
Same Patch Batch · Hitachi · 2026-05-07 · 3 CVEs total
| CVE-2025-1978 | 8.3 HIGH | Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance conso |
| CVE-2025-9661 | 8.1 HIGH | OS command injection vulneravility in the management gui (maintenance utility) of Hitachi |
IV. Related Vulnerabilities
Same vendor: Hitachi
- CVE-2025-1978
Remote Code Execution Vulnerability in Hitachi Storage Navig - CVE-2025-9661
OS command injection vulneravility in the management gui (ma - CVE-2025-65116
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - CVE-2025-65115
Remote Code Execution Vulnerability in JP1/IT Desktop Manage - CVE-2026-2072
Cross-Site Scripting vulnerability in Hitachi Infrastructure
Same weakness: CWE-307
- CVE-2026-41893
Signal K Server's WebSocket Login Endpoint Lacks Rate Limiti - CVE-2023-54347
OpenEMR 7.0.1 Authentication Brute Force Mitigation Bypass - CVE-2026-7671
CodeWise Tornet Scooter Mobile App TwoFactor excessive authe - CVE-2026-26206
Wazuh: API brute-force protection bypass via race condition - CVE-2026-6947
D-Link|DWM-222W USB Wi-Fi Adapter - Brute-Force Protection B
V. Comments for CVE-2025-2514
No comments yet