SMU versions before 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hitachi vantara_hitachi_network_attached_storage |