Lucene search

HitachiCVELIST:CVE-2023-49106

HistoryJan 16, 2024 - 12:58 a.m.

CVE-2023-49106 Missing Password Field Masking Vulnerability in Hitachi Device Manager

2024-01-1600:58:50

CWE-549

Hitachi

www.cve.org

cve-2023-49106

hitachi device manager

windows

linux

vulnerability

password field masking

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.3%

JSON

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Device Manager Agent"
    ],
    "platforms": [
      "Windows",
      "Linux"
    ],
    "product": "Hitachi Device Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-04",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-04",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for CVELIST:CVE-2023-49106