CVE-2020-36611 File and Directory Permission Vulnerability in Hitachi Tuning Manager

🗓️ 17 Jan 2023 01:21:48Reported by HitachiType

Incorrect Default Permissions Vulnerability in Hitachi Tuning Manager Allows Unauthorized Acces

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the resource management application for Hitachi Tuning Manager lies in its default access settings, which allow attackers to read and write certain files.	1 Mar 202300:00	–	bdu_fstec
Circl	CVE-2020-36611	3 Apr 202519:35	–	circl
CNNVD	Hitachi Command Suite 安全漏洞	17 Jan 202300:00	–	cnnvd
CVE	CVE-2020-36611	17 Jan 202301:21	–	cve
EUVD	EUVD-2020-24072	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	File and Directory Permissions Vulnerability in Hitachi Tuning Manager	18 Jan 202304:51	–	jvn
NVD	CVE-2020-36611	17 Jan 202302:15	–	nvd
Prion	Design/Logic Flaw	17 Jan 202302:15	–	prion
Positive Technologies	PT-2023-1497 · Hitachi · Hitachi Tuning Manager	16 Jan 202300:00	–	ptsecurity
RedhatCVE	CVE-2020-36611	22 May 202517:36	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Hitachi Tuning Manager server",
      "Hitachi Tuning Manager - Agent for RAID",
      "Hitachi Tuning Manager - Agent for NAS",
      "Hitachi Tuning Manager - Agent for SAN Switch"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Tuning Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-00",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
hitachi	www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-101/index.html

17 Jan 2023 01:21Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.16.6

EPSS0.00032

CWE-276