PT-2020-8677 · Hitachi · Hitachi Device Manager+3

Piotr Madej

Published

2020-02-14

Updated

2020-02-27

CVE-2018-21032

CVSS v3.1

4.3

Medium

Vector

AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N

Name of the Vulnerable Software and Affected Versions Hitachi Command Suite versions prior to 8.7.1-00 Hitachi Automation Director versions prior to 8.5.0-00

Description A vulnerability allows authenticated remote users to expose technical information through error messages. This issue affects products including Hitachi Device Manager and Hitachi Compute Systems Manager.

Recommendations For Hitachi Command Suite versions prior to 8.7.1-00, update to version 8.7.1-00 or later. For Hitachi Automation Director versions prior to 8.5.0-00, update to version 8.5.0-00 or later.

Fix

Generation of Error Message Containing Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-209

Related Identifiers

CVE-2018-21032

Affected Products

Hitachi Automation Director

Hitachi Command Suite

Hitachi Compute Systems Manager

Hitachi Device Manager

PT-2020-8677 · Hitachi · Hitachi Device Manager+3

CVE-2018-21032

Weakness Enumeration

Related Identifiers

Affected Products

References · 4