Lucene search

HitachiCVELIST:CVE-2022-2637

HistoryOct 06, 2022 - 12:00 a.m.

CVE-2022-2637 Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

2022-10-0600:00:00

CWE-266

Hitachi

www.cve.org

cve-2022-2637

vulnerability

hitachi storage

vmware

privilege escalation

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON

Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Hitachi Storage Plug-in for VMware vCenter",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "04.9.0",
            "status": "unaffected"
          }
        ],
        "lessThan": "04.9.0",
        "status": "affected",
        "version": "04.8.0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-131/index.html

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON

Related for CVELIST:CVE-2022-2637