Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 by Hitachi

    CVE-2025-7386 (GCVE-0-2025-7386)

    Vulnerability from nvd – Published: 2026-06-29 05:22 – Updated: 2026-06-29 12:36
    VLAI
    Title
    Information exposure vulnerability in Hitachi Storage Navigator
    Summary
    Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitachi Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8 Affected: 0 , < DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00 (custom)
    Affected: 0 , < DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00 (custom)
    Create a notification for this product.
    Hitachi Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 Affected: 0 , < DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-29T12:35:44.062299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-29T12:36:33.277Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Information exposure vulnerability in Hitachi Storage Navigator.\u003cp\u003eThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.\u003c/p\u003e"
                }
              ],
              "value": "Information exposure vulnerability in Hitachi Storage Navigator.\n\nThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T05:22:37.701Z",
            "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
            "shortName": "Hitachi"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html"
            }
          ],
          "source": {
            "advisory": "hitachi-sec-2026-301",
            "discovery": "UNKNOWN"
          },
          "title": "Information exposure vulnerability in Hitachi Storage Navigator",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "assignerShortName": "Hitachi",
        "cveId": "CVE-2025-7386",
        "datePublished": "2026-06-29T05:22:37.701Z",
        "dateReserved": "2025-07-09T10:16:02.704Z",
        "dateUpdated": "2026-06-29T12:36:33.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7386 (GCVE-0-2025-7386)

    Vulnerability from cvelistv5 – Published: 2026-06-29 05:22 – Updated: 2026-06-29 12:36
    VLAI
    Title
    Information exposure vulnerability in Hitachi Storage Navigator
    Summary
    Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitachi Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8 Affected: 0 , < DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00 (custom)
    Affected: 0 , < DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00 (custom)
    Create a notification for this product.
    Hitachi Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 Affected: 0 , < DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-29T12:35:44.062299Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-29T12:36:33.277Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Information exposure vulnerability in Hitachi Storage Navigator.\u003cp\u003eThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.\u003c/p\u003e"
                }
              ],
              "value": "Information exposure vulnerability in Hitachi Storage Navigator.\n\nThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-29T05:22:37.701Z",
            "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
            "shortName": "Hitachi"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html"
            }
          ],
          "source": {
            "advisory": "hitachi-sec-2026-301",
            "discovery": "UNKNOWN"
          },
          "title": "Information exposure vulnerability in Hitachi Storage Navigator",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "assignerShortName": "Hitachi",
        "cveId": "CVE-2025-7386",
        "datePublished": "2026-06-29T05:22:37.701Z",
        "dateReserved": "2025-07-09T10:16:02.704Z",
        "dateUpdated": "2026-06-29T12:36:33.277Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }