Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center.
Vulnerability description
Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center.
CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496
Affected products and versions are listed below. Please upgrade your version to the appropriate version, or apply the Workarounds.
The product name in Hitachi Command Suite is changed in Hitachi Ops Center series on some products. To find fixed products, need to find same number following product name in [Affected products] and [Fixed products].
Fixed products
The information is organized under the following headings:
(Example)
Product name: Gives the name of the fixed product.
Version:
- Platform
- Gives the fixed version, and release date.
Scheduled version:
- Platform
- Gives the fixed version scheduled to be released.
- Hitachi Command Suite
Product name: Hitachi Device Manager(*1)(*2) ---(1)
Component name: Device Manager Server
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Device Manager ---(1)
Component name: Device Manager Agent
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Device Manager ---(1)
Component name: Host Data Collector
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Tiered Storage Manager ---(2)
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Replication Manager ---(3)
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Tuning Manager(*5) ---(4)
Component name: Hitachi Tuning Manager server
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Tuning Manager(*5) ---(4)
Component name: Hitachi Tuning Manager - Agent for RAID
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Tuning Manager(*5) ---(4)
Component name: Hitachi Tuning Manager - Agent for NAS
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Tuning Manager(*5) ---(4)
Component name: Hitachi Tuning Manager - Agent for SAN Switch
Version(s):
- Windows, Linux(*3)
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Dynamic Link Manager ---(5)
Version(s):
- Windows, VMware
- 8.8.3-03(*4) August 8, 2022
- Linux
- 8.8.4-00(*4) August 8, 2022
Product name: Hitachi Global Link Manager ---(6)
Version(s):
- Windows
- 8.8.3-04(*4) August 8, 2022
Product name: Hitachi Compute Systems Manager ---(7)
Version(s):
- Windows, Linux
- 8.8.3-03(*4) August 8, 2022
Product name: Hitachi Automation Director ---(8)
Contact your Hitachi support service representative.
Product name: Hitachi Configuration Manager ---(9)
Version(s):
- Windows, Linux
- 10.9.0-00 October 31, 2022
- Hitachi Ops Center
Product name: Hitachi Ops Center Automator ---(8)
Version(s):
- Windows, Linux
- 10.8.3-00(*4) July 25, 2022
Product name: Hitachi Ops Center API Configuration Manager ---(9)
Version(s):
- Windows, Linux
- 10.9.0-00 October 31, 2022
Product name: Hitachi Ops Center Analyzer(*6) ---(10)
Version(s):
- Linux
- 10.8.3-00(*4) July 25, 2022
Product name: Hitachi Ops Center Analyzer viewpoint ---(11)
Version(s):
- Linux
- 10.8.3-00 July 25, 2022
Product name: Hitachi Ops Center Viewpoint(*7) ---(12)
Version(s):
- Linux
- 10.8.3-00(*4) July 25, 2022
Product name: Hitachi Ops Center Common Services ---(13)
Version(s):
- Linux
- 10.8.3-00 July 25, 2022
Product name: Hitachi Ops Center Administrator ---(14)
Version(s):
- Linux
- 10.9.0-00 October 31, 2022
- *1
- Device Manager agent must also be upgraded.
- *2
- If Host Data Collector is installed in a different server to which installed Hitachi Device Manager, the Host Data Collector must also be upgraded.
- *3
- Solaris is no longer supported. Use the fixed version for Windows or Linux.
- *4
- CVE-2022-21426 has not been fixed.
- *5
- Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS and Hitachi Tuning Manager - Agent for SAN Switch must also be upgraded.
- *6
- Analyzer probe server and API Configuration Manager must also be upgraded.
- *7
- Viewpoint data center proxy and Viewpoint RAID Agent must also be upgraded.
For details on the fixed products, contact your Hitachi support service representative.