CVE-2020-36652: File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center
First published: Tue Feb 28 2023(Updated: )
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00.
Credit: hirt@hitachi.co.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hitachi Automation Director | >=8.2.0-00<=10.6.1-00 | |
| Hitachi Infrastructure Analytics Advisor | >=2.0.0-00<=4.0.0-00 | |
| Hitachi Ops Center Analyzer | <10.9.1-00 | |
| Hitachi Ops Center Automator | <10.9.1-00 | |
| Hitachi Ops Center Viewpoint | <10.9.1-00 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-36652.
Which products are affected by this vulnerability?
This vulnerability affects Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Automator, and Hitachi Ops Center Analyzer on Linux.
What is the severity of CVE-2020-36652?
The severity of CVE-2020-36652 is high with a CVSS score of 7.1.
How can I fix the Incorrect Default Permissions vulnerability in Hitachi software?
To fix the vulnerability, update the affected software version to the latest version available.
Where can I find more information about CVE-2020-36652?
You can find more information about CVE-2020-36652 at the following reference: [CVE-2020-36652](https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-106/index.html).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/title
- agent/author
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/hitachi
- canonical/hitachi automation director
- version/hitachi automation director/8.2.0-00
- version/hitachi automation director/10.6.1-00
- canonical/hitachi infrastructure analytics advisor
- version/hitachi infrastructure analytics advisor/2.0.0-00
- version/hitachi infrastructure analytics advisor/4.0.0-00
- canonical/hitachi ops center analyzer
- canonical/hitachi ops center automator
- canonical/hitachi ops center viewpoint
- vendor/linux
- canonical/linux linux kernel