Lucene search

HitachiCVELIST:CVE-2022-4041

HistoryJan 31, 2023 - 1:39 a.m.

CVE-2022-4041 Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

2023-01-3101:39:38

CWE-266

CWE-287

Hitachi

www.cve.org

hitachi

vmware vcenter

privilege escalation

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

59.2%

JSON

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.
This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Hitachi Storage Plug-in for VMware vCenter",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "04.9.1",
            "status": "unaffected"
          }
        ],
        "lessThan": "04.9.1",
        "status": "affected",
        "version": "04.8.0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-103/index.html

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

59.2%

JSON

Related for CVELIST:CVE-2022-4041