CVE-2020-36611 MEDIUM

CVE-2020-36611: File and Directory Permission Vulnerability in Hitachi Tuning Manager

Vendor Hitachi
Product Hitachi Tuning Manager
Weakness CWE-276
Published January 17, 2023
Last update April 3, 2025

CVSS base score

6.6/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

What the vulnerability does

01Description

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.

Key dates

02Disclosure timeline

January 17, 2023 CVE published
April 3, 2025 Record updated