CVE-2026-2072 is a cross-site scripting (XSS) vulnerability classified under CWE-79, found in the Analytics probe component of Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer products. This vulnerability affects versions from 10.0.0-00 up to but not including 11.0.5-00. The root cause is improper neutralization of user-supplied input during dynamic web page generation, which allows an attacker with low privileges to inject malicious JavaScript code into the web interface. Successful exploitation requires the attacker to have at least limited authenticated access and to trick a user into interacting with the malicious payload (user interaction). The vulnerability impacts confidentiality severely by enabling theft of session tokens, credentials, or other sensitive information accessible via the web interface. Integrity and availability impacts are rated lower but still present, as injected scripts could manipulate displayed data or cause denial of service through script execution. The CVSS v3.1 base score is 8.2, reflecting network attack vector, low attack complexity, privileges required, user interaction, and a scope change due to potential cross-origin impacts. No public exploits or active exploitation have been reported yet, but the vulnerability poses a significant risk to organizations relying on these Hitachi products for infrastructure analytics and operations management. The lack of an official patch at the time of reporting necessitates immediate mitigation through configuration and monitoring.

The vulnerability allows attackers to execute arbitrary scripts in the context of the affected web application, leading to potential theft of sensitive information such as authentication tokens, user credentials, or configuration data. This compromises confidentiality and can facilitate further attacks like session hijacking or privilege escalation. Integrity may be impacted if malicious scripts alter displayed data or configuration settings. Availability could be disrupted if injected scripts cause application crashes or denial of service. Organizations using Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer in critical infrastructure monitoring and management environments may face operational disruptions and data breaches. Given the network-exploitable nature and low complexity, the vulnerability could be leveraged by insiders or external attackers with limited access, increasing the attack surface. The cross-site scripting flaw could also be used as a pivot point for lateral movement within enterprise networks, especially in environments where these tools have elevated privileges or access to sensitive systems.

1. Apply patches or updates from Hitachi as soon as they become available to address CVE-2026-2072 directly. 2. Until patches are released, restrict access to the affected web interfaces to trusted networks and users only, employing network segmentation and strong authentication controls. 3. Implement web application firewall (WAF) rules to detect and block common XSS attack patterns targeting the Analytics probe component. 4. Enforce strict input validation and output encoding on all user-supplied data within the application, if customization or configuration options exist. 5. Monitor logs and network traffic for unusual activity indicative of attempted XSS exploitation or anomalous user behavior. 6. Educate users about the risks of interacting with suspicious links or content within the management interface. 7. Conduct regular security assessments and penetration testing focused on web application vulnerabilities in critical infrastructure tools. 8. Consider deploying Content Security Policy (CSP) headers to limit the execution of unauthorized scripts in the web interface environment.