[Japanese]

JVNDB-2024-003026

Security information for Hitachi Disk Array Systems

Overview

Log files of Hitachi Disk Array Systems have the CVE-2022-36407 Plaintext Storage of Passwords vulnerability.
CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • Hitachi Unified Storage VM
  • Hitachi Virtual Storage Platform
  • Hitachi Virtual Storage Platform 5100
  • Hitachi Virtual Storage Platform 5200
  • Hitachi Virtual Storage Platform 5500
  • Hitachi Virtual Storage Platform 5600
  • Hitachi Virtual Storage Platform 5100H
  • Hitachi Virtual Storage Platform 5200H
  • Hitachi Virtual Storage Platform 5500H
  • Hitachi Virtual Storage Platform 5600H
  • Hitachi Virtual Storage Platform E390
  • Hitachi Virtual Storage Platform E590
  • Hitachi Virtual Storage Platform E790
  • Hitachi Virtual Storage Platform E990
  • Hitachi Virtual Storage Platform E1090
  • Hitachi Virtual Storage Platform E390H
  • Hitachi Virtual Storage Platform E590H
  • Hitachi Virtual Storage Platform E790H
  • Hitachi Virtual Storage Platform E1090H
  • Hitachi Virtual Storage Platform F350
  • Hitachi Virtual Storage Platform F370
  • Hitachi Virtual Storage Platform F400
  • Hitachi Virtual Storage Platform F600
  • Hitachi Virtual Storage Platform F700
  • Hitachi Virtual Storage Platform F800
  • Hitachi Virtual Storage Platform F900
  • Hitachi Virtual Storage Platform F1500
  • Hitachi Virtual Storage Platform G100
  • Hitachi Virtual Storage Platform G130
  • Hitachi Virtual Storage Platform G150
  • Hitachi Virtual Storage Platform G200
  • Hitachi Virtual Storage Platform G350
  • Hitachi Virtual Storage Platform G370
  • Hitachi Virtual Storage Platform G400
  • Hitachi Virtual Storage Platform G600
  • Hitachi Virtual Storage Platform G700
  • Hitachi Virtual Storage Platform G800
  • Hitachi Virtual Storage Platform G900
  • Hitachi Virtual Storage Platform G1000
  • Hitachi Virtual Storage Platform G1500
  • Hitachi Virtual Storage Platform VP9500

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.

Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2022-36407
References

Revision History

  • [2024/03/27]
      Web page was published

Date Public2024/03/25
Date First Published2024/03/27
Date Last Updated2024/03/27