Vulnerabilites related to hitachi - ops_center_common_services
CVE-2023-3967 (GCVE-0-2023-3967)
Vulnerability from cvelistv5
Published
2023-10-03 01:04
Modified
2024-09-20 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi | Hitachi Ops Center Common Services |
Version: 0 < 10.9.3-00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-142/index.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hitachi:ops_center_common_services:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ops_center_common_services",
"vendor": "hitachi",
"versions": [
{
"lessThan": "10.9.3-00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3967",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T14:16:29.246774Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T14:18:07.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Hitachi Ops Center Common Services",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "10.9.3-00",
"status": "unaffected"
}
],
"lessThan": "10.9.3-00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.\u003cp\u003eThis issue affects Hitachi Ops Center Common Services: before 10.9.3-00.\u003c/p\u003e"
}
],
"value": "Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T01:04:00.870Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-142/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2023-142",
"discovery": "UNKNOWN"
},
"title": "DoS Vulnerability in Hitachi Ops Center Common Services",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2023-3967",
"datePublished": "2023-10-03T01:04:00.870Z",
"dateReserved": "2023-07-27T00:51:47.516Z",
"dateUpdated": "2024-09-20T14:18:07.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2819 (GCVE-0-2024-2819)
Vulnerability from cvelistv5
Published
2024-07-02 01:53
Modified
2024-08-01 19:25
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before 11.0.2-00.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi | Hitachi Ops Center Common Services |
Version: 0 < 11.0.2-00 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T18:19:58.248604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T18:20:06.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:25:41.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-132/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hitachi Ops Center Common Services",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "11.0.2-00",
"status": "unaffected"
}
],
"lessThan": "11.0.2-00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.\u003cp\u003eThis issue affects Hitachi Ops Center Common Services: before 11.0.2-00.\u003c/p\u003e"
}
],
"value": "Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before 11.0.2-00."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T01:53:44.982Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-132/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2024-132",
"discovery": "UNKNOWN"
},
"title": "File Permission Vulnerability in Hitachi Ops Center Common Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2024-2819",
"datePublished": "2024-07-02T01:53:44.982Z",
"dateReserved": "2024-03-22T06:56:51.487Z",
"dateUpdated": "2024-08-01T19:25:41.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7125 (GCVE-0-2024-7125)
Vulnerability from cvelistv5
Published
2024-08-27 04:15
Modified
2024-08-28 14:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Summary
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hitachi | Hitachi Ops Center Common Services |
Version: 10.9.3-00 < 11.0.2-01 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hitachi:ops_center_common_services:10.9.3-00:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ops_center_common_services",
"vendor": "hitachi",
"versions": [
{
"lessThan": "11.0.2-01",
"status": "affected",
"version": "10.9.3-00",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T14:16:17.603187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:17:22.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hitachi Ops Center Common Services",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "11.0.2-01",
"status": "unaffected"
}
],
"lessThan": "11.0.2-01",
"status": "affected",
"version": "10.9.3-00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authentication Bypass vulnerability in Hitachi Ops Center Common Services.\u003cp\u003eThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.\u003c/p\u003e"
}
],
"value": "Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T04:15:15.774Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-143/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2024-143",
"discovery": "UNKNOWN"
},
"title": "Authentication Bypass Vulnerability in Hitachi Ops Center Common Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2024-7125",
"datePublished": "2024-08-27T04:15:15.774Z",
"dateReserved": "2024-07-26T09:21:02.356Z",
"dateUpdated": "2024-08-28T14:17:22.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-10-03 02:15
Modified
2024-11-21 08:18
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | ops_center_common_services | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:ops_center_common_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9CAD64-949C-402C-BF5E-9F9C725C8AF4",
"versionEndExcluding": "10.9.3-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.\n\n"
},
{
"lang": "es",
"value": "La asignaci\u00f3n de recursos sin l\u00edmites o la vulnerabilidad de limitaci\u00f3n en los servicios comunes de Hitachi Ops Center en Linux permite DoS. Este problema afecta a los servicios comunes de Hitachi Ops Center: anteriores a 10.9.3-00."
}
],
"id": "CVE-2023-3967",
"lastModified": "2024-11-21T08:18:25.180",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-03T02:15:09.710",
"references": [
{
"source": "hirt@hitachi.co.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-142/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-142/index.html"
}
],
"sourceIdentifier": "hirt@hitachi.co.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-27 05:15
Modified
2025-01-21 19:10
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | ops_center_common_services | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:ops_center_common_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "202B8EDA-9412-4B7F-B437-E20BBC0AABF4",
"versionEndExcluding": "11.0.2-01",
"versionStartIncluding": "10.9.3-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.2-01."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Hitachi Ops Center Common Services. Este problema afecta a los servicios comunes de Hitachi Ops Center: desde 10.9.3-00 antes de 11.0.2-01."
}
],
"id": "CVE-2024-7125",
"lastModified": "2025-01-21T19:10:14.850",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-27T05:15:13.307",
"references": [
{
"source": "hirt@hitachi.co.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-143/index.html"
}
],
"sourceIdentifier": "hirt@hitachi.co.jp",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-02 02:15
Modified
2025-01-21 19:14
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before 11.0.2-00.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | ops_center_common_services | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:ops_center_common_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9438A2-D842-4842-BC7C-AC397B5E9E61",
"versionEndExcluding": "11.0.2-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before 11.0.2-00."
},
{
"lang": "es",
"value": "La vulnerabilidad de permisos predeterminados incorrectos y preservaci\u00f3n inadecuada de permisos en los servicios comunes de Hitachi Ops Center permite la manipulaci\u00f3n de archivos. Este problema afecta a los servicios comunes de Hitachi Ops Center: anteriores a 11.0.2-00."
}
],
"id": "CVE-2024-2819",
"lastModified": "2025-01-21T19:14:24.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5,
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-02T02:15:02.127",
"references": [
{
"source": "hirt@hitachi.co.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-132/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-132/index.html"
}
],
"sourceIdentifier": "hirt@hitachi.co.jp",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
},
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "hirt@hitachi.co.jp",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
},
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}