SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
Configurations
Configuration 1 (hide)
AND |
|
History
12 Dec 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:hitachi:vantara_hitachi_network_attached_storage:*:*:*:*:*:*:*:* |
|
References |
|
|
CWE | CWE-287 | |
First Time |
Hitachi
Microsoft Hitachi vantara Hitachi Network Attached Storage Microsoft windows |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
Summary | SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role. |
07 Dec 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access HNAS configuration backup and diagnostic data, that would normally be barred to those specific administrative roles. |
05 Dec 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-05 00:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-5808
Mitre link : CVE-2023-5808
CVE.ORG link : CVE-2023-5808
JSON object : View
Products Affected
microsoft
- windows
hitachi
- vantara_hitachi_network_attached_storage