CVE-2024-4679

HIGH

Hitachi JP1/Extensible SNMP Agent - File Manipulation

Title source: llm

Description

Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation.This issue affects JP1/Extensible SNMP Agent for Windows: from 12-00 before 12-00-01, from 11-00 through 11-00-*; JP1/Extensible SNMP Agent: from 10-10 through 10-10-01, from 10-00 through 10-00-02, from 09-00 through 09-00-04; Job Management Partner1/Extensible SNMP Agent: from 10-10 through 10-10-01, from 10-00 through 10-00-02, from 09-00 through 09-00-04.

References (1)

Core 1

Core References

Various Sources vendor-advisory

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-127/index.html

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 21.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-276

Status published

Products (8)

Hitachi/Job Management Partner1/Extensible SNMP Agent 09-00 - 09-00-04

Hitachi/Job Management Partner1/Extensible SNMP Agent 10-00 - 10-00-02

Hitachi/Job Management Partner1/Extensible SNMP Agent 10-10 - 10-10-01

Hitachi/JP1/Extensible SNMP Agent 09-00 - 09-00-04

Hitachi/JP1/Extensible SNMP Agent 10-00 - 10-00-02

Hitachi/JP1/Extensible SNMP Agent 10-10 - 10-10-01

Hitachi/JP1/Extensible SNMP Agent for Windows 11-00 - 11-00-*

Hitachi/JP1/Extensible SNMP Agent for Windows 12-00 - 12-00-01

Published Jul 02, 2024

Tracked Since Feb 18, 2026