Severity
Medium
Analysis Summary
CVE-2020-36652
Multiple Hitachi products could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect default permissions vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to read and write specific files.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2020-36652
Affected Vendors
Hitachi
Affected Products
- Hitachi Automation Director
- Hitachi Infrastructure Analytics Advisor on Linux
- Hitachi Ops Center Analyzer on Linux
- Hitachi Ops Center Viewpoint on Linux
- Hitachi Ops Center Automator
Remediation
Refer to Hitachi Security Advisory for patch, upgrade or suggested workaround information.