CVE-2024-21840

Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allowslocal users to read and write specific files.

This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.9 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
HitachiCNA
7.9 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
hitachistorage_plug-in
04.0.0 ≤
𝑥
< 04.10.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-108/index.html
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-108/index.html