Search
Find a vulnerability
Search criteria
2 vulnerabilities found for hirdb_server_with_additional_function by hitachi
CVE-2023-1995 (GCVE-0-2023-1995)
Vulnerability from nvd – Published: 2023-08-29 01:06 – Updated: 2024-09-30 17:47
VLAI
EPSS
VEX
Title
Insufficient Logging Vulnerability in HiRDB
Summary
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,
before 09-66-17,
before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W
, before 09-66-/Q
; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-778 - Insufficient Logging
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.hitachi.com/products/it/software/secu… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi | HiRDB Server |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-39 (custom) Affected: 09-65 , < 09-65-23 (custom) Affected: 09-66 , < 09-66-17 (custom) Affected: 10-00 , ≤ 10-00-* (custom) Affected: 10-01 , < 10-01-10 (custom) Affected: 10-02 , ≤ 10-02-* (custom) Affected: 10-03 , < 10-03-12 (custom) Affected: 10-04 , < 10-04-06 (custom) Affected: 10-05 , < 10-05-06 (custom) Affected: 10-06 , < 10-06-02 (custom) |
|
| Hitachi | HiRDB Server With Addtional Function |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-2M (custom) Affected: 09-65 , < 09-65-/W (custom) Affected: 09-66 , < 09-66-/Q (custom) |
|
| Hitachi | HiRDB Structured Data Access Facility |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-39 (custom) Affected: 09-65 , ≤ 09-65-* (custom) Affected: 09-66 , ≤ 09-66-* (custom) Affected: 10-00 , ≤ 10-00-* (custom) Affected: 10-01 , ≤ 10-01-* (custom) Affected: 10-02 , ≤ 10-02-* (custom) Affected: 10-03 , < 10-03-12 (custom) Affected: 10-04 , < 10-04-06 (custom) Affected: 10-05 , ≤ 10-05-* (custom) Affected: 10-06 , < 10-06-02 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:05:27.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:43:12.788960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:47:27.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HiRDB Server",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-39",
"status": "unaffected"
}
],
"lessThan": "09-60-39",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-65-23",
"status": "unaffected"
}
],
"lessThan": "09-65-23",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-66-17",
"status": "unaffected"
}
],
"lessThan": "09-66-17",
"status": "affected",
"version": "09-66",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-00-*",
"status": "affected",
"version": "10-00",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-01-10",
"status": "unaffected"
}
],
"lessThan": "10-01-10",
"status": "affected",
"version": "10-01",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-02-*",
"status": "affected",
"version": "10-02",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-03-12",
"status": "unaffected"
}
],
"lessThan": "10-03-12",
"status": "affected",
"version": "10-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-04-06",
"status": "unaffected"
}
],
"lessThan": "10-04-06",
"status": "affected",
"version": "10-04",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-05-06",
"status": "unaffected"
}
],
"lessThan": "10-05-06",
"status": "affected",
"version": "10-05",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-06-02",
"status": "unaffected"
}
],
"lessThan": "10-06-02",
"status": "affected",
"version": "10-06",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HiRDB Server With Addtional Function",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-2M",
"status": "unaffected"
}
],
"lessThan": "09-60-2M",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-65-/W",
"status": "unaffected"
}
],
"lessThan": "09-65-/W",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-66-/Q",
"status": "unaffected"
}
],
"lessThan": "09-66-/Q",
"status": "affected",
"version": "09-66",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HiRDB Structured Data Access Facility",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-39",
"status": "unaffected"
}
],
"lessThan": "09-60-39",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"lessThanOrEqual": "09-65-*",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"lessThanOrEqual": "09-66-*",
"status": "affected",
"version": "09-66",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-00-*",
"status": "affected",
"version": "10-00",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-01-*",
"status": "affected",
"version": "10-01",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-02-*",
"status": "affected",
"version": "10-02",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-03-12",
"status": "unaffected"
}
],
"lessThan": "10-03-12",
"status": "affected",
"version": "10-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-04-06",
"status": "unaffected"
}
],
"lessThan": "10-04-06",
"status": "affected",
"version": "10-04",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-05-*",
"status": "affected",
"version": "10-05",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-06-02",
"status": "unaffected"
}
],
"lessThan": "10-06-02",
"status": "affected",
"version": "10-06",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.\u003cp\u003eThis issue affects HiRDB Server: before 09-60-39, before 09-65-23, \n\nbefore 09-66-17, \n\nbefore 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W\n\n, before 09-66-/Q\n\n; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.\u003c/p\u003e"
}
],
"value": "Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, \n\nbefore 09-66-17, \n\nbefore 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W\n\n, before 09-66-/Q\n\n; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-268",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-268 Audit Log Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778 Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-26T01:13:11.087Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2023-133",
"discovery": "UNKNOWN"
},
"title": "Insufficient Logging Vulnerability in HiRDB",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2023-1995",
"datePublished": "2023-08-29T01:06:41.671Z",
"dateReserved": "2023-04-12T06:04:31.056Z",
"dateUpdated": "2024-09-30T17:47:27.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1995 (GCVE-0-2023-1995)
Vulnerability from cvelistv5 – Published: 2023-08-29 01:06 – Updated: 2024-09-30 17:47
VLAI
EPSS
VEX
Title
Insufficient Logging Vulnerability in HiRDB
Summary
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,
before 09-66-17,
before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W
, before 09-66-/Q
; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-778 - Insufficient Logging
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.hitachi.com/products/it/software/secu… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi | HiRDB Server |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-39 (custom) Affected: 09-65 , < 09-65-23 (custom) Affected: 09-66 , < 09-66-17 (custom) Affected: 10-00 , ≤ 10-00-* (custom) Affected: 10-01 , < 10-01-10 (custom) Affected: 10-02 , ≤ 10-02-* (custom) Affected: 10-03 , < 10-03-12 (custom) Affected: 10-04 , < 10-04-06 (custom) Affected: 10-05 , < 10-05-06 (custom) Affected: 10-06 , < 10-06-02 (custom) |
|
| Hitachi | HiRDB Server With Addtional Function |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-2M (custom) Affected: 09-65 , < 09-65-/W (custom) Affected: 09-66 , < 09-66-/Q (custom) |
|
| Hitachi | HiRDB Structured Data Access Facility |
Affected:
07-03 , < 09-60
(custom)
Affected: 09-60 , < 09-60-39 (custom) Affected: 09-65 , ≤ 09-65-* (custom) Affected: 09-66 , ≤ 09-66-* (custom) Affected: 10-00 , ≤ 10-00-* (custom) Affected: 10-01 , ≤ 10-01-* (custom) Affected: 10-02 , ≤ 10-02-* (custom) Affected: 10-03 , < 10-03-12 (custom) Affected: 10-04 , < 10-04-06 (custom) Affected: 10-05 , ≤ 10-05-* (custom) Affected: 10-06 , < 10-06-02 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:05:27.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:43:12.788960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:47:27.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HiRDB Server",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-39",
"status": "unaffected"
}
],
"lessThan": "09-60-39",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-65-23",
"status": "unaffected"
}
],
"lessThan": "09-65-23",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-66-17",
"status": "unaffected"
}
],
"lessThan": "09-66-17",
"status": "affected",
"version": "09-66",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-00-*",
"status": "affected",
"version": "10-00",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-01-10",
"status": "unaffected"
}
],
"lessThan": "10-01-10",
"status": "affected",
"version": "10-01",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-02-*",
"status": "affected",
"version": "10-02",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-03-12",
"status": "unaffected"
}
],
"lessThan": "10-03-12",
"status": "affected",
"version": "10-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-04-06",
"status": "unaffected"
}
],
"lessThan": "10-04-06",
"status": "affected",
"version": "10-04",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-05-06",
"status": "unaffected"
}
],
"lessThan": "10-05-06",
"status": "affected",
"version": "10-05",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-06-02",
"status": "unaffected"
}
],
"lessThan": "10-06-02",
"status": "affected",
"version": "10-06",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HiRDB Server With Addtional Function",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-2M",
"status": "unaffected"
}
],
"lessThan": "09-60-2M",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-65-/W",
"status": "unaffected"
}
],
"lessThan": "09-65-/W",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-66-/Q",
"status": "unaffected"
}
],
"lessThan": "09-66-/Q",
"status": "affected",
"version": "09-66",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HiRDB Structured Data Access Facility",
"vendor": "Hitachi",
"versions": [
{
"lessThan": "09-60",
"status": "affected",
"version": "07-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "09-60-39",
"status": "unaffected"
}
],
"lessThan": "09-60-39",
"status": "affected",
"version": "09-60",
"versionType": "custom"
},
{
"lessThanOrEqual": "09-65-*",
"status": "affected",
"version": "09-65",
"versionType": "custom"
},
{
"lessThanOrEqual": "09-66-*",
"status": "affected",
"version": "09-66",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-00-*",
"status": "affected",
"version": "10-00",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-01-*",
"status": "affected",
"version": "10-01",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-02-*",
"status": "affected",
"version": "10-02",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-03-12",
"status": "unaffected"
}
],
"lessThan": "10-03-12",
"status": "affected",
"version": "10-03",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-04-06",
"status": "unaffected"
}
],
"lessThan": "10-04-06",
"status": "affected",
"version": "10-04",
"versionType": "custom"
},
{
"lessThanOrEqual": "10-05-*",
"status": "affected",
"version": "10-05",
"versionType": "custom"
},
{
"changes": [
{
"at": "10-06-02",
"status": "unaffected"
}
],
"lessThan": "10-06-02",
"status": "affected",
"version": "10-06",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.\u003cp\u003eThis issue affects HiRDB Server: before 09-60-39, before 09-65-23, \n\nbefore 09-66-17, \n\nbefore 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W\n\n, before 09-66-/Q\n\n; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.\u003c/p\u003e"
}
],
"value": "Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, \n\nbefore 09-66-17, \n\nbefore 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W\n\n, before 09-66-/Q\n\n; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-268",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-268 Audit Log Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778 Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-26T01:13:11.087Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-133/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2023-133",
"discovery": "UNKNOWN"
},
"title": "Insufficient Logging Vulnerability in HiRDB",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2023-1995",
"datePublished": "2023-08-29T01:06:41.671Z",
"dateReserved": "2023-04-12T06:04:31.056Z",
"dateUpdated": "2024-09-30T17:47:27.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}