Severity
High
Analysis Summary
CVE-2022-34883 CVSS:7.2
Hitachi RAID Manager Storage Replication Adapter could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability. An attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-34882 CVSS:9
Hitachi RAID Manager Storage Replication Adapter could allow a remote authenticated attacker to obtain sensitive information, caused by information exposure through an error message. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
Impact
- Command Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-34883
- CVE-2022-34882
Affected Vendors
Hitachi
Affected Products
- Hitachi RAID Manager Storage Replication Adapter for Windows 02.01.04
- Hitachi RAID Manager Storage Replication Adapter for Windows 02.05.00
- Hitachi RAID Manager Storage Replication Adapter for Docker 02.05.00
Remediation
Refer to Hitachi Security Advisory for patch, upgrade or suggested workaround information.