Search criteria

1 vulnerability found for Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 by Hitachi

CVE-2025-7386 (GCVE-0-2025-7386)

Vulnerability from cvelistv5 – Published: 2026-06-29 05:22 – Updated: 2026-06-29 12:36
VLAI?
Title
Information exposure vulnerability in Hitachi Storage Navigator
Summary
Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.
CWE
  • CWE-522 - Insufficiently Protected Credentials
Assigner
References
Impacted products
Vendor Product Version
Hitachi Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8 Affected: 0 , < DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00 (custom)
Affected: 0 , < DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00 (custom)
Create a notification for this product.
    Hitachi Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 Affected: 0 , < DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-29T12:35:44.062299Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-29T12:36:33.277Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8",
          "vendor": "Hitachi",
          "versions": [
            {
              "changes": [
                {
                  "at": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
                  "status": "unaffected"
                }
              ],
              "lessThan": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
                  "status": "unaffected"
                }
              ],
              "lessThan": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7",
          "vendor": "Hitachi",
          "versions": [
            {
              "changes": [
                {
                  "at": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
                  "status": "unaffected"
                }
              ],
              "lessThan": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Information exposure vulnerability in Hitachi Storage Navigator.\u003cp\u003eThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.\u003c/p\u003e"
            }
          ],
          "value": "Information exposure vulnerability in Hitachi Storage Navigator.\n\nThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-114",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-114 Authentication Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-522",
              "description": "CWE-522 Insufficiently Protected Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-29T05:22:37.701Z",
        "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "shortName": "Hitachi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html"
        }
      ],
      "source": {
        "advisory": "hitachi-sec-2026-301",
        "discovery": "UNKNOWN"
      },
      "title": "Information exposure vulnerability in Hitachi Storage Navigator",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
    "assignerShortName": "Hitachi",
    "cveId": "CVE-2025-7386",
    "datePublished": "2026-06-29T05:22:37.701Z",
    "dateReserved": "2025-07-09T10:16:02.704Z",
    "dateUpdated": "2026-06-29T12:36:33.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}