Lucene search

[email protected]CVE-2021-29645

HistoryOct 12, 2021 - 7:15 p.m.

CVE-2021-29645

2021-10-1219:15:07

[email protected]

web.nvd.nist.gov

hitachi

jp1

it desktop management

cve-2021-29645

local privilege escalation

vulnerability

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system.

Affected configurations

NVD

Node

hitachiit_operations_directorRange02-50–02-50-07

hitachiit_operations_directorRange03-00–03-00-12

hitachiit_operations_directorRange04-00–04-00-17

hitachiit_operations_directorRange04-50–04-50-16

hitachijob_management_partner_1\/it_desktop_management-managerRange09-50–09-50-03

hitachijob_management_partner_1\/it_desktop_management-managerRange10-01–10-01-06

hitachijob_management_partner_1\/it_desktop_management-managerRange10-10–10-10-16

hitachijob_management_partner_1\/it_desktop_management_2-managerRange10-50–10-50-11

hitachijob_management_partner_1\/remote_control_agentRange08-00–08-00-04

hitachijob_management_partner_1\/remote_control_agentRange08-10–08-10-05

hitachijob_management_partner_1\/remote_control_agentRange08-51–08-51-18

hitachijob_management_partner_1\/remote_control_agentRange09-00–09-00-07

hitachijob_management_partner_1\/remote_control_agentRange09-50–09-50-09

hitachijob_management_partner_1\/remote_control_agentRange09-51–09-51-15

hitachijob_management_partner_1\/software_distribution_clientRange08-00–08-00-05

hitachijob_management_partner_1\/software_distribution_clientRange08-10–08-10-06

hitachijob_management_partner_1\/software_distribution_clientRange08-51–08-51-19

hitachijob_management_partner_1\/software_distribution_clientRange09-00–09-00-09

hitachijob_management_partner_1\/software_distribution_clientRange09-50–09-50-09

hitachijob_management_partner_1\/software_distribution_clientRange09-51–09-51-13

hitachijob_management_partner_1\/software_distribution_managerRange08-00–08-00-07

hitachijob_management_partner_1\/software_distribution_managerRange08-10–08-10-06

hitachijob_management_partner_1\/software_distribution_managerRange08-51–08-51-19

hitachijob_management_partner_1\/software_distribution_managerRange09-00–09-00-09

hitachijob_management_partner_1\/software_distribution_managerRange09-50–09-50-09

hitachijob_management_partner_1\/software_distribution_managerRange09-51–09-51-13

hitachijp1\/it_desktop_management-managerRange09-50–09-50-03

hitachijp1\/it_desktop_management-managerRange09-51–09-51-05

hitachijp1\/it_desktop_management-managerRange10-00–10-00-02

hitachijp1\/it_desktop_management-managerRange10-01–10-01-05

hitachijp1\/it_desktop_management-managerRange10-02–10-02-05

hitachijp1\/it_desktop_management-managerRange10-10–10-10-16

hitachijp1\/it_desktop_management_2-managerRange10-50–10-50-12

hitachijp1\/it_desktop_management_2-managerRange11-00–11-00-11

hitachijp1\/it_desktop_management_2-managerRange11-01–11-01-12

hitachijp1\/it_desktop_management_2-managerRange11-10–11-10-10

hitachijp1\/it_desktop_management_2-managerRange11-50–11-50-08

hitachijp1\/it_desktop_management_2-managerRange11-51–11-51-10

hitachijp1\/it_desktop_management_2-managerRange12-00–12-00-09

hitachijp1\/it_desktop_management_2-managerRange12-10–12-10-07

hitachijp1\/it_desktop_management_2-managerRange12-50–12-50-03

hitachijp1\/it_desktop_management_2-operations_directorRange11-01–11-01-12

hitachijp1\/it_desktop_management_2-operations_directorRange11-10–11-10-10

hitachijp1\/it_desktop_management_2-operations_directorRange11-50–11-50-08

hitachijp1\/it_desktop_management_2-operations_directorRange11-51–11-51-10

hitachijp1\/it_desktop_management_2-operations_directorRange12-00–12-00-09

hitachijp1\/it_desktop_management_2-operations_directorRange12-10–12-10-07

hitachijp1\/it_desktop_management_2-operations_directorRange12-50–12-50-03

hitachijp1\/netm\/dm_clientRange08-00–08-00-09

hitachijp1\/netm\/dm_clientRange08-01–08-01-04

hitachijp1\/netm\/dm_clientRange08-02–08-02-07

hitachijp1\/netm\/dm_clientRange08-10–08-10-13

hitachijp1\/netm\/dm_clientRange08-11–08-11-17

hitachijp1\/netm\/dm_clientRange08-12–08-12-03

hitachijp1\/netm\/dm_clientRange08-50–08-50-08

hitachijp1\/netm\/dm_clientRange08-51–08-51-17

hitachijp1\/netm\/dm_clientRange08-52–08-52-22

hitachijp1\/netm\/dm_clientRange09-00–09-00-14

hitachijp1\/netm\/dm_clientRange09-01–09-01-14

hitachijp1\/netm\/dm_clientRange09-10–09-10-15

hitachijp1\/netm\/dm_clientRange09-12–09-12-16

hitachijp1\/netm\/dm_clientRange09-50–09-50-20

hitachijp1\/netm\/dm_clientRange09-51–09-51-14

hitachijp1\/netm\/dm_clientRange10-10–10-10-23

hitachijp1\/netm\/dm_client-remote_control_featureRange08-00–08-00-06

hitachijp1\/netm\/dm_client-remote_control_featureRange08-01–08-01-03

hitachijp1\/netm\/dm_client-remote_control_featureRange08-02–08-02-04

hitachijp1\/netm\/dm_client-remote_control_featureRange08-10–08-10-10

hitachijp1\/netm\/dm_client-remote_control_featureRange08-11–08-11-06

hitachijp1\/netm\/dm_client-remote_control_featureRange08-50–08-50-04

hitachijp1\/netm\/dm_client-remote_control_featureRange08-51–08-51-14

hitachijp1\/netm\/dm_client-remote_control_featureRange09-00–09-00-13

hitachijp1\/netm\/dm_client-remote_control_featureRange09-01–09-01-12

hitachijp1\/netm\/dm_client-remote_control_featureRange09-10–09-10-13

hitachijp1\/netm\/dm_client-remote_control_featureRange09-50–09-50-19

hitachijp1\/netm\/dm_client-remote_control_featureRange09-51–09-51-08

hitachijp1\/netm\/dm_client-remote_control_featureRange10-10–10-10-20

hitachijp1\/netm\/dm_managerRange08-00–08-00-09

hitachijp1\/netm\/dm_managerRange08-02–08-02-07

hitachijp1\/netm\/dm_managerRange08-10–08-10-13

hitachijp1\/netm\/dm_managerRange08-11–08-11-17

hitachijp1\/netm\/dm_managerRange08-50–08-50-08

hitachijp1\/netm\/dm_managerRange08-51–08-51-18

hitachijp1\/netm\/dm_managerRange08-52–08-52-22

hitachijp1\/netm\/dm_managerRange09-00–09-00-14

hitachijp1\/netm\/dm_managerRange09-01–09-01-14

hitachijp1\/netm\/dm_managerRange09-10–09-10-15

hitachijp1\/netm\/dm_managerRange09-12–09-12-15

hitachijp1\/netm\/dm_managerRange09-50–09-50-20

hitachijp1\/netm\/dm_managerRange09-51–09-51-14

hitachijp1\/netm\/dm_managerRange10-10–10-10-24

hitachijp1\/netm\/remote_control_featureRange08-00–08-00-06

hitachijp1\/netm\/remote_control_featureRange08-01–08-01-03

hitachijp1\/netm\/remote_control_featureRange08-02–08-02-04

hitachijp1\/netm\/remote_control_featureRange08-10–08-10-10

hitachijp1\/netm\/remote_control_featureRange08-11–08-11-06

hitachijp1\/netm\/remote_control_featureRange08-50–08-50-04

hitachijp1\/netm\/remote_control_featureRange08-51–08-51-14

hitachijp1\/netm\/remote_control_featureRange09-00–09-00-13

hitachijp1\/netm\/remote_control_featureRange09-01–09-01-12

hitachijp1\/netm\/remote_control_featureRange09-50–09-50-20

hitachijp1\/netm\/remote_control_featureRange09-51–09-51-08

hitachijp1\/netm\/remote_control_featureRange10-10–10-10-20

hitachijp1\/remote_control_featureRange11-00–11-00-02

hitachijp1\/remote_control_featureRange12-00–12-00-011

AND

microsoftwindowsMatch-

CPENameOperatorVersion
hitachi:it_operations_directorhitachi it operations directorle02-50-07
hitachi:it_operations_directorhitachi it operations directorle03-00-12
hitachi:it_operations_directorhitachi it operations directorle04-00-17
hitachi:it_operations_directorhitachi it operations directorle04-50-16
hitachi:job_management_partner_1\/it_desktop_management-managerhitachi job management partner 1/it desktop management-managerle09-50-03
hitachi:job_management_partner_1\/it_desktop_management-managerhitachi job management partner 1/it desktop management-managerle10-01-06
hitachi:job_management_partner_1\/it_desktop_management-managerhitachi job management partner 1/it desktop management-managerle10-10-16
hitachi:job_management_partner_1\/it_desktop_management_2-managerhitachi job management partner 1/it desktop management 2-managerle10-50-11
hitachi:job_management_partner_1\/remote_control_agenthitachi job management partner 1/remote control agentle08-00-04
hitachi:job_management_partner_1\/remote_control_agenthitachi job management partner 1/remote control agentle08-10-05

CPE	Name	Operator	Version
hitachi:it_operations_director	hitachi it operations director	le	02-50-07
hitachi:it_operations_director	hitachi it operations director	le	03-00-12
hitachi:it_operations_director	hitachi it operations director	le	04-00-17
hitachi:it_operations_director	hitachi it operations director	le	04-50-16
hitachi:job_management_partner_1\/it_desktop_management-manager	hitachi job management partner 1/it desktop management-manager	le	09-50-03
hitachi:job_management_partner_1\/it_desktop_management-manager	hitachi job management partner 1/it desktop management-manager	le	10-01-06
hitachi:job_management_partner_1\/it_desktop_management-manager	hitachi job management partner 1/it desktop management-manager	le	10-10-16
hitachi:job_management_partner_1\/it_desktop_management_2-manager	hitachi job management partner 1/it desktop management 2-manager	le	10-50-11
hitachi:job_management_partner_1\/remote_control_agent	hitachi job management partner 1/remote control agent	le	08-00-04
hitachi:job_management_partner_1\/remote_control_agent	hitachi job management partner 1/remote control agent	le	08-10-05

Rows per page:

1-10 of 1051

References

www.hitachi.com/hirt/security/index.html

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2021-29645

nvd1 prion1 cvelist1