Rewterz Threat Alerts – BumbleBee Malware – Active IOCs
February 1, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
February 1, 2023Rewterz Threat Alerts – BumbleBee Malware – Active IOCs
February 1, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
February 1, 2023Severity
Medium
Analysis Summary
CVE-2022-4041 CVSS:5.9
Hitachi Storage Plug-in for VMware vCenter could allow a remote authenticated attacker to gain elevated privileges on the system, caused by incorrect privilege assignment. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-4441 CVSS:7.5
Hitachi Storage Plug-in for VMware vCenter could allow a remote authenticated attacker to gain elevated privileges on the system, caused by incorrect privilege assignment. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-4041
- CVE-2022-4441
Affected Vendors
Hitachi
Affected Products
- Hitachi Storage Plug-in for VMware vCenter 04.8.0
- Hitachi Storage Plug-in for VMware vCenter 04.9.0
Remediation
Refer to Hitachi Security Advisory for patch, upgrade or suggested workaround information.