CVE-2020-36605 MEDIUM

CVE-2020-36605: File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint

Vendor Hitachi
Product Hitachi Infrastructure Analytics Advisor
Weakness CWE-276
Published November 1, 2022
Last update May 5, 2025

CVSS base score

6.6/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

What the vulnerability does

01Description

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00.

Key dates

02Disclosure timeline

November 1, 2022 CVE published
May 5, 2025 Record updated