CVE-2023-3440
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.0%
Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation.This issue affects JP1/Performance Management - Manager: from 09-00 before 12-50-07; JP1/Performance Management - Base: from 09-00 through 10-50-; JP1/Performance Management - Agent Option for Application Server: from 11-00 before 11-50-16; JP1/Performance Management - Agent Option for Enterprise Applications: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for HiRDB: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for IBM Lotus Domino: from 10-00 before 11-50-16; JP1/Performance Management - Agent Option for Microsoft® Exchange Server: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for Microsoft® Internet Information Server: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for Microsoft® SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Oracle: from 09-00 before 12-10-08; JP1/Performance Management - Agent Option for Platform: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Service Response: from 09-00 before 11-50-16; JP1/Performance Management - Agent Option for Transaction System: from 11-00 before 12-00-14; JP1/Performance Management - Remote Monitor for Microsoft® SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Remote Monitor for Oracle: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Platform: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Virtual Machine: from 10-00 before 12-50-07; JP1/Performance Management - Agent Option for Domino: from 09-00 through 09-00-; JP1/Performance Management - Agent Option for IBM WebSphere Application Server: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for IBM WebSphere MQ: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for JP1/AJS3: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for OpenTP1: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for Oracle WebLogic Server: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for uCosminexus Application Server: from 09-00 through 10-00-; JP1/Performance Management - Agent Option for Virtual Machine: from 09-00 through 09-01-*.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
| hitachi | jp1\/performance_management | - | cpe:2.3:a:hitachi:jp1\/performance_management:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.0%