CVE-2020-36611: File and Directory Permission Vulnerability in Hitachi Tuning Manager
First published: Tue Jan 17 2023(Updated: )
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.
Credit: hirt@hitachi.co.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachi Tuning Manager | <8.8.5-00 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2020-36611.
What is the affected software?
The affected software includes Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components).
What is the severity rating of CVE-2020-36611?
The severity rating of CVE-2020-36611 is high with a CVSS score of 7.1.
How can local users exploit this vulnerability?
Local users can exploit this vulnerability to read and write specific files.
Is the Linux kernel vulnerable to CVE-2020-36611?
No, the Linux kernel is not vulnerable to CVE-2020-36611.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/title
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/hitachi
- canonical/hitachi tuning manager
- vendor/linux
- canonical/linux linux kernel