Lucene search

[email protected]CVE-2018-14735

HistoryAug 09, 2018 - 8:29 p.m.

CVE-2018-14735

2018-08-0920:29:00

CWE-200

[email protected]

web.nvd.nist.gov

hitachi

command suite

8.5.3

information exposure

cve-2018-14735

nvd

security issue

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.1%

JSON

An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message.

Affected configurations

NVD

Node

linuxlinux_kernelMatch-

microsoftwindowsMatch-

AND

hitachicompute_systems_managerRange<8.6.0-02

hitachidevice_managerRange7.0.0-00–8.6.1-02

hitachireplication_managerRange7.0.0-00–8.6.1-02

hitachitiered_storage_managerRange7.0.0-00–8.6.1-02

hitachituning_managerRange7.0.0-00–8.6.1-02

Node

hitachicommand_suiteMatch8.5.3

CPENameOperatorVersion
hitachi:compute_systems_managerhitachi compute systems managerlt8.6.0-02
hitachi:device_managerhitachi device managerlt8.6.1-02
hitachi:replication_managerhitachi replication managerlt8.6.1-02
hitachi:tiered_storage_managerhitachi tiered storage managerlt8.6.1-02
hitachi:tuning_managerhitachi tuning managerlt8.6.1-02

CPE	Name	Operator	Version
hitachi:compute_systems_manager	hitachi compute systems manager	lt	8.6.0-02
hitachi:device_manager	hitachi device manager	lt	8.6.1-02
hitachi:replication_manager	hitachi replication manager	lt	8.6.1-02
hitachi:tiered_storage_manager	hitachi tiered storage manager	lt	8.6.1-02
hitachi:tuning_manager	hitachi tuning manager	lt	8.6.1-02

References

www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-123/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.1%

JSON

Related for CVE-2018-14735

cvelist1 prion1 nvd1