Local Users Can Read and Write Specific Files Due to Incorrect Default Permissions

CVE-2024-22385

4.4MEDIUM

Key Information

Vendor: Hitachi
Status: Hitachi Storage Provider For Vmware Vcenter
Vendor: CVE Published:; 25 June 2024

Badges

📰 News Worthy

Summary

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.This issue affects Hitachi Storage Provider for VMware vCenter: from 3.1.0 before 3.7.4.

Affected Version(s)

Hitachi Storage Provider for VMware vCenter < 3.7.4

News Articles

prophaze.com

CVE-2024-22385

CVE-2024-22385 : HITACHI STORAGE PROVIDER FOR VMWARE VCENTER UP TO 3.7.3 DEFAULT PERMISSION - Cloud WAF

CVE-2024-22385 : Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.

5 months ago

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

First article discovered by prophaze.com
Jun 25, 2024
Vulnerability published.
Jun 25, 2024
Vulnerability Reserved.
Jan 10, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)