Lucene search

HitachiCVELIST:CVE-2022-4441

HistoryJan 31, 2023 - 1:42 a.m.

CVE-2022-4441 Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

2023-01-3101:42:21

CWE-266

CWE-287

Hitachi

www.cve.org

cve-2022-4441

hitachi storage plug-in

vmware vcenter

privilege escalation

incorrect privilege assignment

remote authenticated users

vulnerability

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.
This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Hitachi Storage Plug-in for VMware vCenter",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "04.9.1",
            "status": "unaffected"
          }
        ],
        "lessThan": "04.9.1",
        "status": "affected",
        "version": "04.9.0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-103/index.html