CVE-2022-36407

CRITICAL

Hitachi Virtual Storage Platform - Info Disclosure

Title source: llm
STIX 2.1

Description

Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H, Hitachi Unified Storage VM, Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, Hitachi Virtual Storage Platform F400, F600, F800, Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, Hitachi Virtual Storage Platform F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H allows local users to gain sensitive information.This issue affects Hitachi Virtual Storage Platform: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform VP9500: before DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00; Hitachi Virtual Storage Platform G1000, G1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform F1500: before DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00; Hitachi Virtual Storage Platform 5100, 5500,5100H, 5500H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Virtual Storage Platform 5200, 5600,5200H, 5600H: before DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, before DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00, before DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00; Hitachi Unified Storage VM: before DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, before DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform F400, F600, F800: before DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, before DKCMAIN Ver. 83-05-47-X0/00, SVP Ver. 83-05-51-X0/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform F350, F370, F700, F900: before DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02; Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, before DKCMAIN Ver. 93-06-62-X0/00, SVP Ver. 93-06-62-X0/00, before DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00.

References (1)

Core 1

Scores

CVSS v3 9.9
EPSS 0.0008
EPSS Percentile 24.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-532
Status published
Products (21)
Hitachi/Hitachi Unified Storage VM < DKCMAIN Ver. 73(75)-03-75-X0/00, SVP Ver. 73(75)-03-74/00
Hitachi/Hitachi Unified Storage VM < DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00
Hitachi/Hitachi Virtual Storage Platform < DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00
Hitachi/Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H < DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00
Hitachi/Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H < DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00
Hitachi/Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H < DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00
Hitachi/Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H < DKCMAIN Ver. 90-08-43-00/00, SVP Ver. 90-08-43/00
Hitachi/Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H < DKCMAIN Ver. 90-08-62-00/00, SVP Ver. 90-08-62/00
Hitachi/Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H < DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00
Hitachi/Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H < DKCMAIN Ver. 93-06-43-X0/00, SVP Ver. 93-06-43-X0/00
... and 11 more
Published Mar 25, 2024
Tracked Since Feb 18, 2026