Lucene search

HitachiCVELIST:CVE-2022-3884

HistoryFeb 28, 2023 - 2:01 a.m.

CVE-2022-3884 Directory Permission Vulnerability in Hitachi Ops Center Analyzer

2023-02-2802:01:26

CWE-276

Hitachi

www.cve.org

hitachi ops center analyzer

windows

vulnerability

cve-2022-3884

default permissions

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

EPSS

Percentile

5.1%

JSON

Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Hitachi Ops Center Analyzer RAID Agent"
    ],
    "platforms": [
      "Windows"
    ],
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.0-01",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.0-01",
        "status": "affected",
        "version": "10.9.0-00",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-3884