Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHitachiCVE-2020-36605
HistoryNov 01, 2022 - 3:15 a.m.

CVE-2020-36605

2022-11-0103:15:10
CWE-276
Hitachi
web.nvd.nist.gov
35
11
cve
2020
36605
hitachi
infrastructure analytics advisor
ops center analyzer
ops center viewpoint
linux
vulnerability
permissions vulnerability
local users
file access

CVSS3

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

AI Score

4.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files.

This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00.

Affected configurations

Nvd
Node
hitachiinfrastructure_analytics_advisorRange2.0.0-004.4.0-00
AND
linuxlinux_kernelMatch-x64
OR
microsoftwindowsMatch-x64
Node
hitachiops_center_analyzerRange10.0.0-0010.9.0-00
AND
linuxlinux_kernelMatch-x64
Node
hitachiops_center_viewpointRange10.8.0-0010.9.0-00
AND
linuxlinux_kernelMatch-x64
VendorProductVersionCPE
hitachiinfrastructure_analytics_advisor*cpe:2.3:a:hitachi:infrastructure_analytics_advisor:*:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*
hitachiops_center_analyzer*cpe:2.3:a:hitachi:ops_center_analyzer:*:*:*:*:*:*:*:*
hitachiops_center_viewpoint*cpe:2.3:a:hitachi:ops_center_viewpoint:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Analytics probe"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Infrastructure Analytics Advisor",
    "vendor": "Hitachi",
    "versions": [
      {
        "lessThanOrEqual": "4.4.0-00",
        "status": "affected",
        "version": "2.0.0-00",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Analyzer probe"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.0-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.0-00",
        "status": "affected",
        "version": "10.0.0-00",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Viewpoint RAID Agent"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Ops Center Viewpoint",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.0-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.0-00",
        "status": "affected",
        "version": "10.8.0-00",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

Related

prion 1
nvd 1
cvelist 1
prion
prion
Design/Logic Flaw
2022-11-01 03:15:00
nvd
nvd
CVE-2020-36605
2022-11-01 03:15:10
cvelist
cvelist
CVE-2020-36605 File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint
2022-11-01 02:07:14

CVSS3

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

AI Score

4.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2020-36605
prion1nvd1cvelist1