Local Users Can Read and Write Specific Files Due to Incorrect Default Permissions
CVE-2024-22385

4.4MEDIUM

Key Information:

Vendor
Hitachi
Status
Hitachi Storage Provider For Vmware Vcenter
Vendor
CVE Published:
25 June 2024

Badges

πŸ“° News Worthy

Summary

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.This issue affects Hitachi Storage Provider for VMware vCenter: from 3.1.0 before 3.7.4.

Affected Version(s)

Hitachi Storage Provider for VMware vCenter 3.1.0 < 3.7.4

News Articles

favicon imageprophaze.com

CVE-2024-22385 : HITACHI STORAGE PROVIDER FOR VMWARE VCENTER UP TO 3.7.3 DEFAULT PERMISSION - Cloud WAF

CVE-2024-22385 : Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.

7 months ago

References

https://www.hitachi.com/products/it/software/security/inf...

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by prophaze.com

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database1 News Article(s)
.