gsd-2022-36407
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows
local users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-36407",
"id": "GSD-2022-36407"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-36407"
],
"details": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows \n\nlocal users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.\n\n",
"id": "GSD-2022-36407",
"modified": "2023-12-13T01:19:21.259167Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "hirt@hitachi.co.jp",
"ID": "CVE-2022-36407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hitachi Virtual Storage Platform",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform VP9500",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform G1000, G1500",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform F1500",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Unified Storage VM",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform G100, G200, G400, G600, G800",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform F400, F600, F800",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform F350, F370, F700, F900",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
},
{
"product_name": "Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
}
]
}
}
]
},
"vendor_name": "Hitachi"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows \n\nlocal users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-532",
"lang": "eng",
"value": "CWE-532 Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2024/2022_313.html",
"refsource": "MISC",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2024/2022_313.html"
}
]
},
"source": {
"advisory": "hitachi-sec-2022-313",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows \n\nlocal users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, VM de almacenamiento unificado Hitachi, plataforma de almacenamiento virtual Hitachi G100, G200, G400, G600, G800, plataforma de almacenamiento virtual Hitachi F400, F600, F800, plataforma de almacenamiento virtual Hitachi G130, G150, G350, G370, G700 , G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H permite a los usuarios locales obtener informaci\u00f3n confidencial. Este problema afecta a Hitachi Virtual Storage Plataforma: anterior a DKCMAIN Ver. 70-06-74-00/00, versi\u00f3n SVP. 70-06-58/00; Plataforma de almacenamiento virtual Hitachi VP9500: anterior a DKCMAIN Ver. 70-06-74-00/00, versi\u00f3n SVP. 70-06-58/00; Plataforma de almacenamiento virtual Hitachi G1000, G1500: anterior a DKCMAIN Ver. 80-06-92-00/00, versi\u00f3n SVP. 80-06-87/00; Plataforma de almacenamiento virtual Hitachi F1500: anterior a DKCMAIN Ver. 80-06-92-00/00, versi\u00f3n SVP. 80-06-87/00; Plataforma de almacenamiento virtual Hitachi 5100, 5500,5100H, 5500H: anterior a DKCMAIN Ver. 90-08-81-00/00, versi\u00f3n SVP. 90-08-81/00, antes de DKCMAIN Ver. 90-08-62-00/00, versi\u00f3n SVP. 90-08-62/00, antes de DKCMAIN Ver. 90-08-43-00/00, versi\u00f3n SVP. 90-08-43/00; Plataforma de almacenamiento virtual Hitachi 5200, 5600,5200H, 5600H: anterior a DKCMAIN Ver. 90-08-81-00/00, versi\u00f3n SVP. 90-08-81/00, antes de DKCMAIN Ver. 90-08-62-00/00, versi\u00f3n SVP. 90-08-62/00, antes de DKCMAIN Ver. 90-08-43-00/00, versi\u00f3n SVP. 90-08-43/00; M\u00e1quina virtual de almacenamiento unificado de Hitachi: anterior a DKCMAIN Ver. 73-03-75-X0/00, versi\u00f3n SVP. 73-03-74/00, antes de DKCMAIN Ver. 73(75)-03-75-X0/00, versi\u00f3n SVP. 73(75)-03-74/00; Plataforma de almacenamiento virtual Hitachi G100, G200, G400, G600, G800: anterior a DKCMAIN Ver. 83-06-19-X0/00, versi\u00f3n SVP. 83-06-20-X0/00, antes de DKCMAIN Ver. 83-05-47-X0/00, versi\u00f3n SVP. 83-05-51-X0/00; Plataforma de almacenamiento virtual Hitachi F400, F600, F800: anterior a DKCMAIN Ver. 83-06-19-X0/00, versi\u00f3n SVP. 83-06-20-X0/00, antes de DKCMAIN Ver. 83-05-47-X0/00, versi\u00f3n SVP. 83-05-51-X0/00; Plataforma de almacenamiento virtual Hitachi G130, G150, G350, G370, G700, G900: anterior a DKCMAIN Ver. 88-08-09-XX/00, versi\u00f3n SVP. 88-08-11-X0/02; Plataforma de almacenamiento virtual Hitachi F350, F370, F700, F900: anterior a DKCMAIN Ver. 88-08-09-XX/00, versi\u00f3n SVP. 88-08-11-X0/02; Plataforma de almacenamiento virtual Hitachi E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: anterior a DKCMAIN Ver. 93-06-81-X0/00, versi\u00f3n SVP. 93-06-81-X0/00, antes de DKCMAIN Ver. 93-06-62-X0/00, versi\u00f3n SVP. 93-06-62-X0/00, antes de DKCMAIN Ver. 93-06-43-X0/00, versi\u00f3n SVP. 93-06-43-X0/00."
}
],
"id": "CVE-2022-36407",
"lastModified": "2024-03-25T13:47:14.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
}
]
},
"published": "2024-03-25T06:15:08.450",
"references": [
{
"source": "hirt@hitachi.co.jp",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2024/2022_313.html"
}
],
"sourceIdentifier": "hirt@hitachi.co.jp",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.