CVE-2025-9661
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28.
This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi | Hitachi Virtual Storage Platform One Block 23 | 0 < DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 24 | 0 < DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 26 | 0 < DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 | affected |
| Hitachi | Hitachi Virtual Storage Platform One Block 28 | 0 < DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 | affected |
Weaknesses
- CWE-78: CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.