Vulnerability Details : CVE-2022-3191
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00
Products affected by CVE-2022-3191
- cpe:2.3:a:hitachi:ops_center_analyzer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-3191
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-3191
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.6
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
1.8
|
4.7
|
Hitachi, Ltd. | |
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2022-3191
-
The product writes sensitive information to a log file.Assigned by:
- hirt@hitachi.co.jp (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2022-3191
-
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/index.html
Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Viewpoint: Software Vulnerability Information: Software: HitachiVendor Advisory
Jump to