July 1, 2022
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2022-306
CVE-2022-21123 | Shared Buffers Data Read (SBDR)
CVE-2022-21125 | Shared Buffers Data Sampling (SBDS)
CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update)
CVE-2022-21166 | Device Register Partial Write (DRPW)
CVE-2022-30132 | Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2022-30135 | Windows Media Center Elevation of Privilege Vulnerability
CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30140 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability
CVE-2022-30141 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30142 | Windows File History Remote Code Execution Vulnerability
CVE-2022-30143 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
CVE-2022-30146 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30147 | Windows Installer Elevation of Privilege Vulnerability
CVE-2022-30148 | Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
CVE-2022-30149 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30150 | Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability
CVE-2022-30151 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2022-30152 | Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2022-30153 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30155 | Windows Kernel Denial of Service Vulnerability
CVE-2022-30160 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
CVE-2022-30161 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30162 | Windows Kernel Information Disclosure Vulnerability
CVE-2022-30163 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2022-30164 | Kerberos App Container Security Feature Bypass Vulnerability
CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-30166 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2022-32230 | Windows SMB Denial of Service Vulnerability
CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
The following table shows the affected products.
| Product Name |
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H |
|---|---|
| Vulnerability ID |
CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, CVE-2022-30132, CVE-2022-30139, CVE-2022-30140, CVE-2022-30141, CVE-2022-30142, CVE-2022-30143, CVE-2022-30145, CVE-2022-30146, CVE-2022-30147, CVE-2022-30148, CVE-2022-30149, CVE-2022-30150, CVE-2022-30151, CVE-2022-30152, CVE-2022-30153, CVE-2022-30155, CVE-2022-30160, CVE-2022-30161, CVE-2022-30162, CVE-2022-30163, CVE-2022-30164, CVE-2022-30165, CVE-2022-30166, CVE-2022-32230, CVE-2022-30190 |
| Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
|---|---|
| Vulnerability ID |
CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, CVE-2022-30139, CVE-2022-30140, CVE-2022-30141, CVE-2022-30142, CVE-2022-30143, CVE-2022-30146, CVE-2022-30147, CVE-2022-30149, CVE-2022-30151, CVE-2022-30152, CVE-2022-30153, CVE-2022-30155, CVE-2022-30160, CVE-2022-30161, CVE-2022-30162, CVE-2022-30163, CVE-2022-30164, CVE-2022-30166, CVE-2022-30190 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.
