Lucene search

HitachiCVE-2023-1995

HistoryAug 29, 2023 - 2:15 a.m.

CVE-2023-1995

2023-08-2902:15:07

CWE-778

Hitachi

web.nvd.nist.gov

hitachi

hirdb server

logging

vulnerability

security

cve-2023-1995

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

28.7%

JSON

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,

before 09-66-17,

before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W

, before 09-66-/Q

; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.

Affected configurations

Nvd

Node

hitachihirdb_server_with_additional_functionRange09-00–09-00-2d

hitachihirdb_server_with_additional_functionRange09-01–09-01-\/x

hitachihirdb_server_with_additional_functionRange09-02–09-02-2f

hitachihirdb_server_with_additional_functionRange09-03–09-03-2a

hitachihirdb_server_with_additional_functionRange09-04–09-04-2s

hitachihirdb_server_with_additional_functionRange09-50–09-50-2k

hitachihirdb_server_with_additional_functionRange09-60–09-60-2k

hitachihirdb_server_with_additional_functionRange09-65–09-65-\/v

hitachihirdb_server_with_additional_functionRange09-66–09-66-\/p

AND

hphp-uxMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

hitachihirdb_server_with_additional_functionRange09-00–09-00-2f

hitachihirdb_server_with_additional_functionRange09-01–09-01-\/x

hitachihirdb_server_with_additional_functionRange09-02–09-02-2f

hitachihirdb_server_with_additional_functionRange09-03–09-03-2e

hitachihirdb_server_with_additional_functionRange09-04–09-04-2s

hitachihirdb_server_with_additional_functionRange09-50–09-50-2k

hitachihirdb_server_with_additional_functionRange09-60–09-60-2l

hitachihirdb_server_with_additional_functionRange09-65–09-65-\/v

hitachihirdb_server_with_additional_functionRange09-66–09-66-\/p

AND

ibmaixMatch-

Node

hitachihirdb_structured_data_access_facilityRange09-60–09-60-37

hitachihirdb_structured_data_access_facilityRange09-66–09-66-06

hitachihirdb_structured_data_access_facilityRange10-01–10-01-03

hitachihirdb_structured_data_access_facilityRange10-02–10-02-12

hitachihirdb_structured_data_access_facilityRange10-03–10-03-10

hitachihirdb_structured_data_access_facilityRange10-04–10-04-05

hitachihirdb_structured_data_access_facilityRange10-06–10-06-01

AND

linuxlinux_kernelMatch-

Node

hitachihirdb_serverRange09-00–09-00-30

hitachihirdb_serverRange09-01–09-01-24

hitachihirdb_serverRange09-02–09-02-32

hitachihirdb_serverRange09-03–09-03-27

hitachihirdb_serverRange09-04–09-04-31

AND

oraclesolarisMatch-

Node

hitachihirdb_serverRange09-00–09-00-32

hitachihirdb_serverRange09-01–09-01-24

hitachihirdb_serverRange09-02–09-02-32

hitachihirdb_serverRange09-03–09-03-31

hitachihirdb_serverRange09-04–09-04-45

hitachihirdb_serverRange09-50–09-50-37

hitachihirdb_serverRange09-60–09-60-38

hitachihirdb_serverRange09-65–09-65-22

hitachihirdb_serverRange09-66–09-66-16

hitachihirdb_serverRange10-00–10-00-09

hitachihirdb_serverRange10-01–10-01-09

hitachihirdb_serverRange10-02–10-02-12

hitachihirdb_serverRange10-03–10-03-11

hitachihirdb_serverRange10-04–10-04-04

hitachihirdb_serverRange10-05–10-05-05

hitachihirdb_serverRange10-06–10-06-01

AND

ibmaixMatch-

Node

hitachihirdb_serverRange09-00–09-00-32

hitachihirdb_serverRange09-01–09-01-24

hitachihirdb_serverRange09-02–09-02-32

hitachihirdb_serverRange09-03–09-03-31

hitachihirdb_serverRange09-04–09-04-45

hitachihirdb_serverRange09-50–09-50-37

hitachihirdb_serverRange09-60–09-60-38

hitachihirdb_serverRange09-65–09-65-22

hitachihirdb_serverRange09-66–09-66-16

hitachihirdb_serverRange10-00–10-00-09

hitachihirdb_serverRange10-01–10-01-09

hitachihirdb_serverRange10-02–10-02-12

hitachihirdb_serverRange10-03–10-03-10

hitachihirdb_serverRange10-04–10-04-04

hitachihirdb_serverRange10-05–10-05-05

hitachihirdb_serverRange10-06–10-06-01

AND

microsoftwindowsMatch-

Node

hitachihirdb_serverRange09-00–09-00-32

hitachihirdb_serverRange09-01–09-01-24

hitachihirdb_serverRange09-02–09-02-32

hitachihirdb_serverRange09-03–09-03-31

hitachihirdb_serverRange09-04–09-04-45

hitachihirdb_serverRange09-50–09-50-37

hitachihirdb_serverRange09-60–09-60-38

hitachihirdb_serverRange09-65–09-65-22

hitachihirdb_serverRange09-66–09-66-16

hitachihirdb_serverRange10-00–10-00-09

hitachihirdb_serverRange10-01–10-01-09

hitachihirdb_serverRange10-02–10-02-12

hitachihirdb_serverRange10-03–10-03-10

hitachihirdb_serverRange10-04–10-04-05

hitachihirdb_serverRange10-05–10-05-05

hitachihirdb_serverRange10-06–10-06-01

AND

linuxlinux_kernelMatch-

Node

hitachihirdb_serverRange09-00–09-00-30

hitachihirdb_serverRange09-01–09-01-24

hitachihirdb_serverRange09-02–09-02-32

hitachihirdb_serverRange09-03–09-03-27

hitachihirdb_serverRange09-04–09-04-45

hitachihirdb_serverRange09-50–09-50-37

hitachihirdb_serverRange09-60–09-60-37

hitachihirdb_serverRange09-65–09-65-22

hitachihirdb_serverRange09-66–09-66-16

hitachihirdb_serverRange10-00–10-00-09

hitachihirdb_serverRange10-01–10-01-09

hitachihirdb_serverRange10-02–10-02-12

hitachihirdb_serverRange10-03–10-03-10

hitachihirdb_serverRange10-04–10-04-04

hitachihirdb_serverRange10-05–10-05-05

AND

hphp-uxMatch-

VendorProductVersionCPE
hitachihirdb_server_with_additional_function*cpe:2.3:a:hitachi:hirdb_server_with_additional_function:*:*:*:*:*:*:*:*
hphp-ux-cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
ibmaix-cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
hitachihirdb_structured_data_access_facility*cpe:2.3:a:hitachi:hirdb_structured_data_access_facility:*:*:*:*:*:*:*:*
hitachihirdb_server*cpe:2.3:a:hitachi:hirdb_server:*:*:*:*:*:*:*:*
oraclesolaris-cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hitachi	hirdb_server_with_additional_function	*	cpe:2.3:a:hitachi:hirdb_server_with_additional_function::::::::
hp	hp-ux	-	cpe:2.3:o:hp:hp-ux:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
ibm	aix	-	cpe:2.3:o:ibm:aix:-:::::::*
hitachi	hirdb_structured_data_access_facility	*	cpe:2.3:a:hitachi:hirdb_structured_data_access_facility::::::::
hitachi	hirdb_server	*	cpe:2.3:a:hitachi:hirdb_server::::::::
oracle	solaris	-	cpe:2.3:o:oracle:solaris:-:::::::*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HiRDB Server",
    "vendor": "Hitachi",
    "versions": [
      {
        "lessThan": "09-60",
        "status": "affected",
        "version": "07-03",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-60-39",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-60-39",
        "status": "affected",
        "version": "09-60",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-65-23",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-65-23",
        "status": "affected",
        "version": "09-65",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-66-17",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-66-17",
        "status": "affected",
        "version": "09-66",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-00-*",
        "status": "affected",
        "version": "10-00",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-01-10",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-01-10",
        "status": "affected",
        "version": "10-01",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-02-*",
        "status": "affected",
        "version": "10-02",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-03-12",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-03-12",
        "status": "affected",
        "version": "10-03",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-04-06",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-04-06",
        "status": "affected",
        "version": "10-04",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-05-06",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-05-06",
        "status": "affected",
        "version": "10-05",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-06-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-06-02",
        "status": "affected",
        "version": "10-06",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "HiRDB Server With Addtional Function",
    "vendor": "Hitachi",
    "versions": [
      {
        "lessThan": "09-60",
        "status": "affected",
        "version": "07-03",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-60-2M",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-60-2M",
        "status": "affected",
        "version": "09-60",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-65-/W",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-65-/W",
        "status": "affected",
        "version": "09-65",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-66-/Q",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-66-/Q",
        "status": "affected",
        "version": "09-66",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "HiRDB Structured Data Access Facility",
    "vendor": "Hitachi",
    "versions": [
      {
        "lessThan": "09-60",
        "status": "affected",
        "version": "07-03",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "09-60-39",
            "status": "unaffected"
          }
        ],
        "lessThan": "09-60-39",
        "status": "affected",
        "version": "09-60",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "09-65-*",
        "status": "affected",
        "version": "09-65",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "09-66-*",
        "status": "affected",
        "version": "09-66",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-00-*",
        "status": "affected",
        "version": "10-00",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-01-*",
        "status": "affected",
        "version": "10-01",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-02-*",
        "status": "affected",
        "version": "10-02",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-03-12",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-03-12",
        "status": "affected",
        "version": "10-03",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-04-06",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-04-06",
        "status": "affected",
        "version": "10-04",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "10-05-*",
        "status": "affected",
        "version": "10-05",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10-06-02",
            "status": "unaffected"
          }
        ],
        "lessThan": "10-06-02",
        "status": "affected",
        "version": "10-06",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

28.7%

JSON

Related for CVE-2023-1995