Incorrect Default Permissions vulnerability affects Hitachi JP1/Extensible SNMP Agent for Windows
CVE-2024-4679

7.8HIGH

Key Information:

Vendor: Hitachi
Status: Jp1/extensible Snmp Agent For Windows; Jp1/extensible Snmp Agent; Job Management Partner1/extensible Snmp Agent
Vendor: CVE Published:; 2 July 2024

Summary

The vulnerability in Hitachi's JP1/Extensible SNMP Agent for Windows allows unauthorized file manipulation due to incorrect default permissions. This issue affects a range of versions of the JP1/Extensible SNMP Agent as well as the Job Management Partner1/Extensible SNMP Agent on Windows. Users are advised to update their systems and review security configurations to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Job Management Partner1/Extensible SNMP Agent Windows 10-10 <= 10-10-01

Job Management Partner1/Extensible SNMP Agent Windows 10-00 <= 10-00-02

Job Management Partner1/Extensible SNMP Agent Windows 09-00 <= 09-00-04

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 2, 2024
Vulnerability Reserved
May 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Shun Suzaki

Yutaka Kokubu

Kazuki Hirota