CVE-2025-1978
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Summary
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.
This issue affects Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 : before DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00, before DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00, before DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00, before DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00, before DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 < DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 < DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 < DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 < DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900 | 0 < DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 < DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 < DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 < DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 < DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H | 0 < DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 < DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 < DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 < DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 < DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 | 0 < DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00 | affected |
Weaknesses
- CWE-94: CWE-94 Improper Control of Generation of Code ('Code Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.