File and Directory Permission Vulnerability in Hitachi Tuning Manager
CVE-2020-36611

6.6MEDIUM

Key Information:

Vendor: Hitachi
Status: Hitachi Tuning Manager
Vendor: CVE Published:; 17 January 2023

What is CVE-2020-36611?

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.

Affected Version(s)

Hitachi Tuning Manager Linux 0 < 8.8.5-00

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2023
Vulnerability Reserved
Dec 13, 2022