CVE-2021-20740
N/A
N/A
Summary
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) allow remote authenticated attackers to execute arbitrary OS commands with root privileges via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi and NEC Corporation | Hitachi Virtual File Platform and NEC Storage M Series NAS Gateway which uses Hitachi Virtual File Platform | Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) | affected |
Weaknesses
- OS Command Injection
ADP Enrichment
CVE Program Container
Additional References
- https://www.hitachi.co.jp/products/it/storage-solutions/global/sec_info/2021/2021_306.html
- https://jpn.nec.com/security-info/secinfo/nv21-011.html
- https://jvn.jp/en/jp/JVN21298724/index.html
References
- https://www.hitachi.co.jp/products/it/storage-solutions/global/sec_info/2021/2021_306.html
- https://jpn.nec.com/security-info/secinfo/nv21-011.html
- https://jvn.jp/en/jp/JVN21298724/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.