Analysis Summary

CVE-2024-2244 CVSS:5.3

Hitachi Energy Asset Suite could allow a remote attacker to bypass security restrictions, caused by a REST service authentication anomaly when processing batch jobs. By using a combination of "valid username/no password", an attacker could exploit this vulnerability to invoke the aforementioned service.

CVE-2024-21840 CVSS:7.9

Hitachi Storage Plug-in for VMware vCenter could allow a local authenticated attacker to bypass security restrictions, caused by incorrect default permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to read and write specific files.

CVE-2023-6457 CVSS:6.6

Hitachi Tuning Manager for Windows could allow a local authenticated attacker to bypass security restrictions, caused by a file and directory permissions vulnerability in the JP1/Performance Management endpoint. An attacker could exploit this vulnerability to read and write files.

CVE-2023-3517 CVSS:8.5

Hitachi Vantara Pentaho Data Integration and Analytics could allow a remote authenticated attacker to bypass security restrictions, caused by improper restriction of JNDI identifiers during the creation of XActions. An attacker could exploit this vulnerability to control system-level data sources.

CVE-2023-4518 CVSS:6.5

Hitachi Energy Relion 670 is vulnerable to a denial of service, caused by improper validation of user-supplied input by the IED component. By sending a specially crafted GOOSE message, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

• Denial of Service
• Security Bypass

Indicators of Compromise

CVE

• CVE-2024-2244
• CVE-2024-21840
• CVE-2023-6457
• CVE-2023-3517
• CVE-2024-4518

Affected Vendors

Remediation

Refer to Hitachi Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2024-2244

CVE-2024-21840

CVE-2023-6457

CVE-2023-3517

CVE-2024-4518