{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2514", "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82", "state": "PUBLISHED", "assignerShortName": "Hitachi", "dateReserved": "2025-03-19T01:13:12.468Z", "datePublished": "2026-05-07T07:30:28.144Z", "dateUpdated": "2026-05-07T13:41:12.214Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82", "shortName": "Hitachi", "dateUpdated": "2026-05-07T07:30:28.144Z"}, "title": "Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage Platform", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-307", "description": "CWE-307 Improper restriction of excessive authentication attempts", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-49", "descriptions": [{"lang": "en", "value": "CAPEC-49 Password Brute Forcing"}]}], "affected": [{"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900", "versions": [{"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H", "versions": [{"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28", "versions": [{"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.\n\nThis issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,\u00a0Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28\u00a0 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.<p>This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,&nbsp;Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28&nbsp; : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.</p>"}]}], "references": [{"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_306.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "source": {"advisory": "hitachi-sec-2026-306", "discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-07T13:41:07.277696Z", "id": "CVE-2025-2514", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-07T13:41:12.214Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2514", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-05-07T13:41:07.277696Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-07T13:41:09.480Z"}}], "cna": {"title": "Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachi Virtual Storage Platform", "source": {"advisory": "hitachi-sec-2026-306", "discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-49", "descriptions": [{"lang": "en", "value": "CAPEC-49 Password Brute Forcing"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900", "versions": [{"status": "affected", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H", "versions": [{"status": "affected", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Hitachi", "product": "Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28", "versions": [{"status": "affected", "changes": [{"at": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "status": "unaffected"}], "version": "0", "lessThan": "DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_306.html"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.\n\nThis issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,\u00a0Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28\u00a0 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.", "supportingMedia": [{"type": "text/html", "value": "Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.<p>This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,&nbsp;Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28&nbsp; : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-307", "description": "CWE-307 Improper restriction of excessive authentication attempts"}]}], "providerMetadata": {"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82", "shortName": "Hitachi", "dateUpdated": "2026-05-07T07:30:28.144Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2514", "state": "PUBLISHED", "dateUpdated": "2026-05-07T13:41:12.214Z", "dateReserved": "2025-03-19T01:13:12.468Z", "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82", "datePublished": "2026-05-07T07:30:28.144Z", "assignerShortName": "Hitachi"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.\n\nThis issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,\u00a0Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28\u00a0 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00."}], "id": "CVE-2025-2514", "lastModified": "2026-05-07T15:15:06.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "hirt@hitachi.co.jp", "type": "Secondary"}]}, "published": "2026-05-07T09:16:26.183", "references": [{"source": "hirt@hitachi.co.jp", "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_306.html"}], "sourceIdentifier": "hirt@hitachi.co.jp", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}], "source": "hirt@hitachi.co.jp", "type": "Secondary"}]}

{}

{"created": "2026-05-07T09:30:06.201243+00:00", "updated": "2026-05-07T09:30:06.201255+00:00", "vendors": []}