Incorrect Default Permissions vulnerability affects Hitachi JP1/Extensible SNMP Agent for Windows

CVE-2024-4679

7.8HIGH

Key Information

Vendor: Hitachi
Status: Jp1/extensible Snmp Agent For Windows; Jp1/extensible Snmp Agent; Job Management Partner1/extensible Snmp Agent
Vendor: CVE Published:; 2 July 2024

Summary

Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation.This issue affects JP1/Extensible SNMP Agent for Windows: from 12-00 before 12-00-01, from 11-00 through 11-00-*; JP1/Extensible SNMP Agent: from 10-10 through 10-10-01, from 10-00 through 10-00-02, from 09-00 through 09-00-04; Job Management Partner1/Extensible SNMP Agent: from 10-10 through 10-10-01, from 10-00 through 10-00-02, from 09-00 through 09-00-04.

Affected Version(s)

JP1/Extensible SNMP Agent for Windows < 12-00-01

JP1/Extensible SNMP Agent for Windows <= 11-00-*

JP1/Extensible SNMP Agent <= 10-10-01

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jul 2, 2024
Vulnerability Reserved.
May 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Shun Suzaki

Yutaka Kokubu

Kazuki Hirota