[Japanese]

JVNDB-2020-001545

Security information for Hitachi Disk Array Systems

Overview

A cross site scripting vulnerability exists in the SVP(Storage Navigator) of the Hitachi disk array system.
CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • Hitachi Virtual Storage Platform G130
  • Hitachi Virtual Storage Platform G150
  • Hitachi Virtual Storage Platform G350
  • Hitachi Virtual Storage Platform G370
  • Hitachi Virtual Storage Platform G700
  • Hitachi Virtual Storage Platform G900
  • Hitachi Virtual Storage Platform F350
  • Hitachi Virtual Storage Platform F370
  • Hitachi Virtual Storage Platform F700
  • Hitachi Virtual Storage Platform F900
  • Hitachi Virtual Storage Platform G100
  • Hitachi Virtual Storage Platform G200
  • Hitachi Virtual Storage Platform G400
  • Hitachi Virtual Storage Platform G600
  • Hitachi Virtual Storage Platform G800
  • Hitachi Virtual Storage Platform F400
  • Hitachi Virtual Storage Platform F600
  • Hitachi Virtual Storage Platform F800
  • Hitachi Virtual Storage Platform N600
  • Hitachi Virtual Storage Platform N800
  • Hitachi Virtual Storage Platform N400

Please refer to Vendor Information for more details.
Impact

Regerding the impact df the vulnerablilty, please refer to the ventor advisory.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2020/02/14]
      Web page was published

Date Public2020/02/13
Date First Published2020/02/14
Date Last Updated2020/02/14