OS Command Injection Vulnerability in RAID Manager Storage Replication Adapter
CVE-2022-34883

7.2HIGH

Key Information:

Vendor: Hitachi
Status: Raid Manager Storage Replication Adapter
Vendor: CVE Published:; 6 September 2022

Summary

OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior to 02.05.01 on Windows and Docker.

Affected Version(s)

RAID Manager Storage Replication Adapter Windows 02.01.04 < 02.03.02

RAID Manager Storage Replication Adapter Windows 02.05.00 < 02.05.01

References

https://www.hitachi.com/products/it/storage-solutions/sec...

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 6, 2022
Vulnerability Reserved
Jun 30, 2022