Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-36652

MEDIUM
Published 2023-02-28T02:06:32.073Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-36652. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
6.6
/10
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.071
Higher than 7.1% of all CVEs

Attack Vector Metrics

Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
LOW
Integrity
LOW
Availability
HIGH

Description

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files.

This issue affects Hitachi Automation Director:

from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Hitachi

Hitachi Automation Director

Affected Versions:

8.2.0-00
Hitachi

Hitachi Infrastructure Analytics Advisor

Affected Versions:

2.0.0-00
Hitachi

Hitachi Ops Center Automator

Affected Versions:

0
Hitachi

Hitachi Ops Center Analyzer

Affected Versions:

0
Hitachi

Hitachi Ops Center Viewpoint

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-95f9-5fff-hg3v

Advisory Details

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-36652
WEB https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-106/index.html

Advisory provided by GitHub Security Advisory Database. Published: February 28, 2023, Modified: March 13, 2023

References

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-106/index.html
Published: 2023-02-28T02:06:32.073Z
Last Modified: 2025-03-07T18:12:57.576Z
Copied to clipboard!