CVE-2020-36611

Published: Jan 17, 2023Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.

Affected (1)

Products: Hitachi: Tuning Manager

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hitachi Tuning Manager	Before 8.8.5-00

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-101/index.html

Source: hirt@hitachi.co.jp

Vendor Advisory

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-101/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.