Lucene search

HitachiCVELIST:CVE-2022-4146

HistoryJul 18, 2023 - 2:01 a.m.

CVE-2022-4146 EL Injection Vulnerability in Hitachi Replication Manager

2023-07-1802:01:04

CWE-917

Hitachi

www.cve.org

hitachi

replication manager

windows

linux

solaris

code injection

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

9.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.4%

JSON

Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "Linux",
      "Solaris"
    ],
    "product": "Hitachi Replication Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-02",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-123/index.html

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

9.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.4%

JSON

Related for CVELIST:CVE-2022-4146