Search criteria
1 vulnerability found for Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7 by Hitachi
CVE-2025-7386 (GCVE-0-2025-7386)
Vulnerability from cvelistv5 – Published: 2026-06-29 05:22 – Updated: 2026-06-29 12:36
VLAI?
Title
Information exposure vulnerability in Hitachi Storage Navigator
Summary
Information exposure vulnerability in Hitachi Storage Navigator.
This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.
Severity ?
6.8 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Hitachi | Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8 |
Affected:
0 , < DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00
(custom)
Affected: 0 , < DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T12:35:44.062299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T12:36:33.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
"status": "unaffected"
}
],
"lessThan": "DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information exposure vulnerability in Hitachi Storage Navigator.\u003cp\u003eThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.\u003c/p\u003e"
}
],
"value": "Information exposure vulnerability in Hitachi Storage Navigator.\n\nThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00."
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T05:22:37.701Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html"
}
],
"source": {
"advisory": "hitachi-sec-2026-301",
"discovery": "UNKNOWN"
},
"title": "Information exposure vulnerability in Hitachi Storage Navigator",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2025-7386",
"datePublished": "2026-06-29T05:22:37.701Z",
"dateReserved": "2025-07-09T10:16:02.704Z",
"dateUpdated": "2026-06-29T12:36:33.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}