CVE-2022-3191

Published Nov 1, 2022

Last updated a year ago

CVSS medium 5.5

Overview

Description: Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00
Source: hirt@hitachi.co.jp
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-532
hirt@hitachi.co.jp: CWE-532

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hitachi:ops_center_analyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "754854E9-F6A8-4DDE-9CE6-F7E93AD6D722",
            "versionEndExcluding": "10.9.0-00",
            "versionStartIncluding": "10.8.1-00"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "71BFBE5F-56EB-45C9-B558-FC4D7CEA345A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References