CVE-2023-34142

Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.

CVSS v3 9.0 CRITICAL

9.0^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.2 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html	Vendor Advisory
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hitachi:device_manager:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

History

21 Nov 2024, 08:06

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 9.0
References	~~() https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html - Vendor Advisory~~	() https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html - Vendor Advisory

Information

Published : 2023-07-18 03:15

Updated : 2024-11-21 08:06

NVD link : CVE-2023-34142

Mitre link : CVE-2023-34142

CVE.ORG link : CVE-2023-34142

JSON object : View

Products Affected

linux

linux_kernel

hitachi

device_manager

microsoft

windows

CWE

CWE-319

Cleartext Transmission of Sensitive Information

{"id": "CVE-2023-34142", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "hirt@hitachi.co.jp", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-07-18T03:15:55.427", "references": [{"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html", "tags": ["Vendor Advisory"], "source": "hirt@hitachi.co.jp"}, {"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "hirt@hitachi.co.jp", "description": [{"lang": "en", "value": "CWE-319"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-319"}]}], "descriptions": [{"lang": "en", "value": "Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.\n\n"}], "lastModified": "2024-11-21T08:06:38.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hitachi:device_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7BAEB11-0356-426A-BAB8-1ED82F9FCF70", "versionEndExcluding": "8.8.5-02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hirt@hitachi.co.jp"}