CVE-2023-6457 MEDIUM

CVE-2023-6457: File and Directory Permission Vulnerability in Hitachi Tuning Manager

Vendor Hitachi
Product Hitachi Tuning Manager
Weakness CWE-276
Published January 16, 2024
Last update October 23, 2024

CVSS base score

6.6/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

What the vulnerability does

01Description

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04.

Key dates

02Disclosure timeline

January 16, 2024 CVE published
October 23, 2024 Record updated