EL Injection Vulnerability in Hitachi Replication Manager
CVE-2022-4146
7.3HIGH
Summary
A vulnerability in Hitachi Replication Manager permits Expression Language Injection, enabling attackers to execute arbitrary code on affected systems. This flaw affects versions prior to 8.8.5-02 across multiple operating systems, including Windows, Linux, and Solaris. Organizations using these versions are advised to apply the necessary updates to mitigate risk and prevent unauthorized code execution.
Affected Version(s)
Hitachi Replication Manager Windows 0 < 8.8.5-02
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database