CVE-2022-36407

Name of the Vulnerable Software and Affected Versions Hitachi Virtual Storage Platform versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00 Hitachi Virtual Storage Platform VP9500 versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00 Hitachi Virtual Storage Platform G1000, G1500 versions prior to DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00 Hitachi Virtual Storage Platform F1500 versions prior to DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00 Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H versions prior to DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00 Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H versions prior to DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00 Hitachi Unified Storage VM versions prior to DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00 Hitachi Virtual Storage Platform G100, G200, G400, G600, G800 versions prior to DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00 Hitachi Virtual Storage Platform F400, F600, F800 versions prior to DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00 Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900 versions prior to DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02 Hitachi Virtual Storage Platform F350, F370, F700, F900 versions prior to DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02 Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H versions prior to DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00

Description The issue allows local users to gain sensitive information through the insertion of sensitive information into log files. This can be exploited by an attacker to disclose protected information.

Recommendations For Hitachi Virtual Storage Platform versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform VP9500 versions prior to DKCMAIN Ver. 70-06-74-00/00, SVP Ver. 70-06-58/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform G1000, G1500 versions prior to DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform F1500 versions prior to DKCMAIN Ver. 80-06-92-00/00, SVP Ver. 80-06-87/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H versions prior to DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H versions prior to DKCMAIN Ver. 90-08-81-00/00, SVP Ver. 90-08-81/00, update to a version that includes the fix for this issue. For Hitachi Unified Storage VM versions prior to DKCMAIN Ver. 73-03-75-X0/00, SVP Ver. 73-03-74/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform G100, G200, G400, G600, G800 versions prior to DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform F400, F600, F800 versions prior to DKCMAIN Ver. 83-06-19-X0/00, SVP Ver. 83-06-20-X0/00, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900 versions prior to DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform F350, F370, F700, F900 versions prior to DKCMAIN Ver. 88-08-09-XX/00, SVP Ver. 88-08-11-X0/02, update to a version that includes the fix for this issue. For Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H versions prior to DKCMAIN Ver. 93-06-81-X0/00, SVP Ver. 93-06-81-X0/00, update to a version that includes the fix for this issue.