Published date:June 17, 2021
Hitachi, Ltd. IT Platform Products Management Division
A Command Injection Vulnerability was found in Hitachi Virtual File Platform.
Arbitrary commands may be executed illegally, if an authenticated user of Hitachi Virtual File Platform sends an invalid request to Hitachi Virtual File Platform.
The following table shows the versions affected by this vulnerability.
|Product Name||Affected versions|
|Hitachi Virtual File Platform||Earlier than 6.4.3-09|
|Earlier than 5.5.3-09|
Please apply the fixed version. The fixed version is as follows.
|Product Name||Fixed versions|
|Hitachi Virtual File Platform||6.4.3-09|
Thanks to Hiroki Matsukuma (of Cyber Defense Institute, Inc) for reporting this vulnerability.