CVE-2023-6814

Name of the Vulnerable Software and Affected Versions Hitachi Cosminexus Component Container versions 11-00 through 11-00-12 Hitachi Cosminexus Component Container versions 11-10 through 11-10-10 Hitachi Cosminexus Component Container versions 11-20 through 11-20-07 Hitachi Cosminexus Component Container versions 11-30 through 11-30-05 Hitachi Cosminexus Component Container versions V8 and V9

Description The issue allows local users to gain sensitive information due to the insertion of sensitive information into log files. This is a problem related to the handling of sensitive data within the logging mechanism of the Hitachi Cosminexus Component Container.

Recommendations For versions 11-00 through 11-00-12, update to a version after 11-00-12 to resolve the issue. For versions 11-10 through 11-10-10, update to a version after 11-10-10 to resolve the issue. For versions 11-20 through 11-20-07, update to a version after 11-20-07 to resolve the issue. For versions 11-30 through 11-30-05, update to a version after 11-30-05 to resolve the issue. For versions V8 and V9, consider disabling logging or restricting access to log files as a temporary workaround until a patch is available.