CVE-2023-6814 : Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosmin

Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.

Published 2024-03-12 04:15:08

Updated 2024-04-16 03:15:06

Source Hitachi, Ltd.

View at NVD, CVE.org

Products affected by CVE-2023-6814

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-6814

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 2 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-6814

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.6	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N	1.1	4.0	Hitachi, Ltd.	2024-03-12
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2023-6814

CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

Assigned by: hirt@hitachi.co.jp (Secondary)

References for CVE-2023-6814

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-118/index.html

Information Exposure Vulnerability in Cosminexus Component Container: Software Vulnerability Information: Software: Hitachi

Jump to

Vulnerability Details : CVE-2023-6814

Products affected by CVE-2023-6814

Exploit prediction scoring system (EPSS) score for CVE-2023-6814

CVSS scores for CVE-2023-6814

CWE ids for CVE-2023-6814

References for CVE-2023-6814