CVE-2026-3314
Deferred Deferred - Pending Action
Password Field Masking Missing in Hitachi Ops Center Analyzer

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: Hitachi, Ltd.

Description
Missing password field masking vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules), Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor (Data Center Analytics, Analytics probe modules). This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.8-00; Hitachi Ops Center Analyzer viewpoint: from 10.8.1-00 before 11.0.8-00; Hitachi Infrastructure Analytics Advisor: from 3.2.0-00 before 11.0.8-00.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-05-26
Generated
2026-06-15
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3314
EUVD
EUVD-2026-31795
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
hitachi ops_center_analyzer From 10.0.0-00 (inc) to 11.0.8-00 (exc)
hitachi ops_center_analyzer_viewpoint From 10.8.1-00 (inc) to 11.0.8-00 (exc)
hitachi infrastructure_analytics_advisor From 3.2.0-00 (inc) to 11.0.8-00 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-549 The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability involves missing password field masking in Hitachi Ops Center Analyzer and related products, which could expose sensitive password information to unauthorized users.

Exposure of sensitive password information may lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require protection of sensitive authentication credentials to ensure confidentiality and prevent unauthorized access.

Therefore, this vulnerability could negatively impact compliance with these common standards by increasing the risk of unauthorized disclosure of sensitive information.

Executive Summary

CVE-2026-3314 is a vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, and Hitachi Ops Center Analyzer viewpoint where passwords are not properly masked in the user interface.

This means that when users enter passwords in these products, the passwords may be visible instead of being hidden or obscured, potentially exposing sensitive password information to unauthorized users.

Impact Analysis

The vulnerability could potentially expose sensitive password information to unauthorized users, which may lead to unauthorized access if attackers obtain these passwords.

Since the passwords are not masked, anyone with access to the user interface could see the passwords in plain text, increasing the risk of credential compromise.

Mitigation Strategies

To mitigate this vulnerability, users are advised to upgrade affected products to the fixed versions.

  • Upgrade Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint to version 11.0.8-00 or later.
  • Upgrade Hitachi Infrastructure Analytics Advisor to version 11.0.8-00 or later.

No workarounds are provided for this vulnerability, so upgrading is the only recommended immediate action.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3314. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart