jvndb - jvndb-2023-002511

jvndb-2023-002511

Vulnerability from jvndb

Published

2023-07-19 14:48

Modified

2024-04-26 12:29

Severity ?

6.6 (Medium) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Summary

File and Directory Permissions Vulnerability in Hitachi Command Suite

Details

A File and Directory Permissions Vulnerability (CVE-2020-36695) exists in Hitachi Command Suite.

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2020-36695
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-36695
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Hitachi Compute Systems Manager
	Hitachi, Ltd	Hitachi Device Manager
	Hitachi, Ltd	Hitachi Replication Manager
	Hitachi, Ltd	Hitachi Tiered Storage Manager
	Hitachi, Ltd	Hitachi Tuning Manager

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002511.html",
  "dc:date": "2024-04-26T12:29+09:00",
  "dcterms:issued": "2023-07-19T14:48+09:00",
  "dcterms:modified": "2024-04-26T12:29+09:00",
  "description": "A File and Directory Permissions Vulnerability (CVE-2020-36695) exists in Hitachi Command Suite.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-002511.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:compute_systems_manager",
      "@product": "Hitachi Compute Systems Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:device_manager",
      "@product": "Hitachi Device Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:replication_manager",
      "@product": "Hitachi Replication Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:tiered_storage_manager",
      "@product": "Hitachi Tiered Storage Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:tuning_manager",
      "@product": "Hitachi Tuning Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.6",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-002511",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2020-36695",
      "@id": "CVE-2020-36695",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-36695",
      "@id": "CVE-2020-36695",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "File and Directory Permissions Vulnerability in Hitachi Command Suite"
}

CVE-2020-36695 (GCVE-0-2020-36695)

Vulnerability from cvelistv5

Published

2023-07-18 01:59

Modified

2024-10-21 19:04

Severity ?

6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CWE

CWE-276 - Incorrect Default Permissions

Summary

Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.

References

URL

Tags

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html

vendor-advisory

Impacted products

Vendor

Product

Version

Hitachi

Hitachi Device Manager

Version: 0 < 8.8.5-02

Hitachi	Hitachi Tiered Storage Manager	Version: 0 < 8.8.5-02
Hitachi	Hitachi Replication Manager	Version: 0 < 8.8.5-02
Hitachi	Hitachi Tuning Manager	Version: 0 < 8.8.5-02
Hitachi	Hitachi Compute Systems Manager	Version: 0 < 8.8.3-08

Show details on NVD website