EL Injection Vulnerability in Hitachi Replication Manager
CVE-2022-4146

7.3HIGH

Key Information:

Vendor

Hitachi
Status
Hitachi Replication Manager
Vendor
CVE Published:
18 July 2023

What is CVE-2022-4146?

A vulnerability in Hitachi Replication Manager permits Expression Language Injection, enabling attackers to execute arbitrary code on affected systems. This flaw affects versions prior to 8.8.5-02 across multiple operating systems, including Windows, Linux, and Solaris. Organizations using these versions are advised to apply the necessary updates to mitigate risk and prevent unauthorized code execution.

Affected Version(s)

Hitachi Replication Manager Windows 0 < 8.8.5-02

References

https://www.hitachi.com/products/it/software/security/inf...
vendor-advisory

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.