{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34461?format=json","vulnerability_id":"VCID-nenr-mv18-eqex","summary":"Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer (RAID Agent component).This issue affects Hitachi Ops Center Analyzer: from 10.8.0-00 before 11.0.4-00; Hitachi Ops Center Analyzer: from 10.9.0-00 before 11.0.4-00.","aliases":[{"alias":"CVE-2024-8201"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-116/index.html","reference_id":"index.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T15:32:33Z/"}],"url":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-116/index.html"}],"weaknesses":[{"cwe_id":1385,"name":"Missing Origin Validation in WebSockets","description":"The product uses a WebSocket, but it does not properly verify that the source of data or communication is valid."}],"exploits":[],"severity_range_score":"5.4 - 5.4","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nenr-mv18-eqex"}