6 matches found
CVE-2023-6538
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific...
Hitachi NAS SMU 14.8.7825 Information Disclosure Vulnerability
Exploit Title: Hitachi NAS HNAS System Management Unit SMU 14.8.7825 - Information Disclosure CVE: CVE-2023-6538 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host", required=True, type=str,...
Hitachi NAS SMU 14.8.7825 Information Disclosure
Exploit Title: Hitachi NAS HNAS System Management Unit SMU 14.8.7825 - Information Disclosure CVE: CVE-2023-6538 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host", required=Tru...
HNAS SMU 14.8.7825 - Information Disclosure
Exploit Title: Hitachi NAS HNAS System Management Unit SMU 14.8.7825 - Information Disclosure CVE: CVE-2023-6538 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host", required=Tru...
CVE-2023-6538 System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products is susceptible to unintended information disclosure via unprivileged access to SMU configuration backup data.
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific...
CVE-2023-6538
CVE-2023-6538 is an Insecure Direct Object Reference in Hitachi NAS System Management Unit (SMU). Affects SMU versions prior to 14.8.7825.01; authenticated Storage/Server/Storage+Server administrators can access SMU configuration backup data via URL manipulation (IDOR), leading to unintended info...