ID CVE-2018-21032Type cveReporter cve@mitre.orgModified 2020-02-27T15:21:00
Description
A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager.
{"id": "CVE-2018-21032", "bulletinFamily": "NVD", "title": "CVE-2018-21032", "description": "A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager.", "published": "2020-02-14T16:15:00", "modified": "2020-02-27T15:21:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-21032", "reporter": "cve@mitre.org", "references": ["https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-128/", "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/"], "cvelist": ["CVE-2018-21032"], "type": "cve", "lastseen": "2021-02-02T06:52:35", "edition": 8, "viewCount": 4, "enchantments": {"dependencies": {"references": [], "modified": "2021-02-02T06:52:35", "rev": 2}, "score": {"value": 4.3, "vector": "NONE", "modified": "2021-02-02T06:52:35", "rev": 2}, "vulnersScore": 4.3}, "cpe": [], "affectedSoftware": [{"cpeName": "hitachi:device_manager", "name": "hitachi device manager", "operator": "lt", "version": "8.7.1-00"}, {"cpeName": "hitachi:compute_systems_manager", "name": "hitachi compute systems manager", "operator": "lt", "version": "8.7.1-00"}, {"cpeName": "hitachi:automation_director", "name": "hitachi automation director", "operator": "lt", "version": "8.5.0-00"}, {"cpeName": "hitachi:automation_director", "name": "hitachi automation director", "operator": "lt", "version": "8.5.0-00"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "cpe23": [], "cwe": ["CWE-209"], "scheme": null, "affectedConfiguration": [{"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows", "name": "microsoft windows", "operator": "eq", "version": "-"}, {"cpeName": "oracle:solaris", "name": "oracle solaris", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hitachi:compute_systems_manager:8.7.1-00:*:*:*:*:*:*:*", "versionEndExcluding": "8.7.1-00", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hitachi:automation_director:8.5.0-00:*:*:*:*:*:*:*", "versionEndExcluding": "8.5.0-00", "versionStartIncluding": "8.1.1-00", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hitachi:device_manager:8.7.1-00:*:*:*:*:*:*:*", "versionEndExcluding": "8.7.1-00", "versionStartIncluding": "7.0.0-00", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:hitachi:automation_director:8.5.0-00:*:*:*:*:*:*:*", "versionEndExcluding": "8.5.0-00", "versionStartIncluding": "8.2.0-00", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}]}, "extraReferences": [{"name": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-128/", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-128/"}, {"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/", "refsource": "MISC", "tags": ["Vendor Advisory"], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/"}]}
{}
