CVE-2023-6814 MEDIUM

CVE-2023-6814: Information Exposure Vulnerability in Cosminexus Component Container

Vendor Hitachi
Product Cosminexus Component Container
Weakness CWE-532 · Sensitive info in logs
Published March 12, 2024
Last update August 2, 2024

CVSS base score

5.6/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.

Key dates

02Disclosure timeline

March 12, 2024 CVE published
August 2, 2024 Record updated