CVE-2021-28052 - CERT CVE
ID CVE-2021-28052
Sažetak A tenant administrator Hitachi Content Platform (HCP) may modify the configuration in another tenant without authorization, potentially allowing unauthorized access to data in the other tenant. Also, a tenant user (non-administrator) may view configuration in another tenant without authorization. This issue affects: Hitachi Vantara Hitachi Content Platform versions prior to 8.3.7; 9.0.0 versions prior to 9.2.3.
Reference
CVSS
Base: 4.9
Impact: 3.6
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 28-09-2022 - 13:39
Objavljeno 26-09-2022 - 16:15