CVE-2025-2514

Summary

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.

This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28  : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.

Affected Software

VendorProductVersion RangeStatus
HitachiHitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F9000 < DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00affected
HitachiHitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F9000 < DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00affected
HitachiHitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F9000 < DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00affected
HitachiHitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F9000 < DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00affected
HitachiHitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F9000 < DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00affected
HitachiHitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H0 < DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00affected
HitachiHitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H0 < DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00affected
HitachiHitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H0 < DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00affected
HitachiHitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H0 < DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00affected
HitachiHitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H0 < DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00affected
HitachiHitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 280 < DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00affected
HitachiHitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 280 < DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00affected
HitachiHitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 280 < DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00affected
HitachiHitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 280 < DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00affected
HitachiHitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 280 < DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00affected

Weaknesses

  • CWE-307: CWE-307 Improper restriction of excessive authentication attempts

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References