Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHitachiCVE-2020-36695
HistoryJul 18, 2023 - 3:15 a.m.

CVE-2020-36695

2023-07-1803:15:52
CWE-276
Hitachi
web.nvd.nist.gov
35
cve-2020-36695
hitachi
device manager
tiered storage manager
replication manager
tuning manager
compute systems manager
linux
file manipulation
vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0

Percentile

9.0%

JSON

Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS

components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.

Affected configurations

Nvd
Node
linuxlinux_kernelMatch-
AND
hitachicompute_systems_managerRange<8.8.3-08
OR
hitachidevice_managerRange<8.8.5-02
OR
hitachireplication_managerRange<8.8.5-02
OR
hitachitiered_storage_managerRange<8.8.5-02
OR
hitachituning_managerRange<8.8.5-02
VendorProductVersionCPE
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
hitachicompute_systems_manager*cpe:2.3:a:hitachi:compute_systems_manager:*:*:*:*:*:*:*:*
hitachidevice_manager*cpe:2.3:a:hitachi:device_manager:*:*:*:*:*:*:*:*
hitachireplication_manager*cpe:2.3:a:hitachi:replication_manager:*:*:*:*:*:*:*:*
hitachitiered_storage_manager*cpe:2.3:a:hitachi:tiered_storage_manager:*:*:*:*:*:*:*:*
hitachituning_manager*cpe:2.3:a:hitachi:tuning_manager:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Device Manager Server"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Device Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-02",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Tiered Storage Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-02",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Replication Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-02",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Hitachi Tuning Manager server",
      "Hitachi Tuning Manager - Agent for RAID",
      "Hitachi Tuning Manager - Agent for NAS"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Tuning Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.5-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.5-02",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Compute Systems Manager",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "8.8.3-08",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.8.3-08",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
cvelist 1
nvd 1
prion
prion
Design/Logic Flaw
2023-07-18 03:15:00
cvelist
cvelist
CVE-2020-36695 File and Directory Permission Vulnerability in Hitachi Command Suite
2023-07-18 01:59:31
nvd
nvd
CVE-2020-36695
2023-07-18 03:15:52

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for CVE-2020-36695
prion1cvelist1nvd1