Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-36695

Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.

Published

2023-07-18T03:15:52.963

Last Modified

2024-11-21T05:30:05.247

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-276
Type: Primary
CWE-276

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hitachi	compute_systems_manager	< 8.8.3-08	Yes
Application	hitachi	device_manager	< 8.8.5-02	Yes
Application	hitachi	replication_manager	< 8.8.5-02	Yes
Application	hitachi	tiered_storage_manager	< 8.8.5-02	Yes
Application	hitachi	tuning_manager	< 8.8.5-02	Yes
Operating System	linux	linux_kernel	-	No

References

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html Vendor Advisory ([email protected])
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)