Lucene search

HitachiCVELIST:CVE-2022-3191

HistoryNov 01, 2022 - 2:09 a.m.

CVE-2022-3191 Information Exposure Vulnerability in Hitachi Ops Center Analyzer

2022-11-0102:09:13

CWE-532

Hitachi

www.cve.org

cve-2022-3191

information exposure

hitachi ops center analyzer

CVSS3

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

EPSS

Percentile

5.1%

JSON

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information.
This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Virtual Strage Software Agent"
    ],
    "platforms": [
      "Linux"
    ],
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.0-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.0-00",
        "status": "affected",
        "version": "10.8.1-00",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/index.html