Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
October 5, 2023Rewterz Threat Advisory – ICS: Hitachi JP1/Performance Management Vulnerability
October 5, 2023Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
October 5, 2023Rewterz Threat Advisory – ICS: Hitachi JP1/Performance Management Vulnerability
October 5, 2023Severity
Medium
Analysis Summary
CVE-2023-3335 CVSS:6.5
Hitachi Ops Center Administrator on Linux could allow a local authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into log file vulnerability. By accessing the log file, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-3967 CVSS:5.3
Hitachi Ops Center Common Services on Linux is vulnerable to a denial of service, caused by the allocation of resources without limits or throttling vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Information Theft
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-3335
- CVE-2023-3967
Affected Vendors
Hitachi
Affected Products
- Hitachi Hitachi Ops Center Administrator on Linux
- Hitachi Ops Center Common Services on Linux
Remediation
Refer to Hitachi-sec-2023-140 for patch, upgrade or suggested workaround information.