November 28, 2019
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2019-310
CVE-2019-0608 | Microsoft Browser Spoofing Vulnerability
CVE-2019-1060 | MS XML Remote Code Execution Vulnerability
CVE-2019-1166 | Windows NTLM Tampering Vulnerability
CVE-2019-1230 | Hyper-V Information Disclosure Vulnerability
CVE-2019-1238 | VBScript Remote Code Execution Vulnerability
CVE-2019-1239 | VBScript Remote Code Execution Vulnerability
CVE-2019-1307 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1308 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1311 | Windows Imaging API Remote Code Execution Vulnerability
CVE-2019-1315 | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2019-1316 | Microsoft Windows Setup Elevation of Privilege Vulnerability
CVE-2019-1317 | Microsoft Windows Denial of Service Vulnerability
CVE-2019-1318 | Microsoft Windows Transport Layer Security Spoofing Vulnerability
CVE-2019-1319 | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2019-1320 | Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1321 | Microsoft Windows CloudStore Elevation of Privilege Vulnerability
CVE-2019-1322 | Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1323 | Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2019-1325 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
CVE-2019-1326 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2019-1333 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2019-1334 | Windows Kernel Information Disclosure Vulnerability
CVE-2019-1335 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1336 | Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2019-1337 | Windows Update Client Information Disclosure Vulnerability
CVE-2019-1338 | Windows NTLM Security Feature Bypass Vulnerability
CVE-2019-1339 | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2019-1340 | Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1341 | Windows Power Service Elevation of Privilege Vulnerability
CVE-2019-1342 | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2019-1343 | Windows Denial of Service Vulnerability
CVE-2019-1344 | Windows Code Integrity Module Information Disclosure Vulnerability
CVE-2019-1345 | Windows Kernel Information Disclosure Vulnerability
CVE-2019-1346 | Windows Denial of Service Vulnerability
CVE-2019-1347 | Windows Denial of Service Vulnerability
CVE-2019-1356 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
CVE-2019-1357 | Microsoft Browser Spoofing Vulnerability
CVE-2019-1358 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2019-1359 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2019-1361 | Microsoft Graphics Components Information Disclosure Vulnerability
CVE-2019-1362 | Win32k Elevation of Privilege Vulnerability
CVE-2019-1363 | Windows GDI Information Disclosure Vulnerability
CVE-2019-1364 | Win32k Elevation of Privilege Vulnerability
CVE-2019-1365 | Microsoft IIS Server Elevation of Privilege Vulnerability
CVE-2019-1366 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1368 | Windows Secure Boot Security Feature Bypass Vulnerability
CVE-2019-1371 | Internet Explorer Memory Corruption Vulnerability
The following table shows the affected products.
| Product Name | Hitachi Unified Storage VM (HUS VM) |
|---|---|
| Vulnerability ID | CVE-2019-0608, CVE-2019-1060, CVE-2019-1166, CVE-2019-1238, CVE-2019-1307, CVE-2019-1308, CVE-2019-1311, CVE-2019-1315, CVE-2019-1316, CVE-2019-1317, CVE-2019-1318, CVE-2019-1319, CVE-2019-1325, CVE-2019-1326, CVE-2019-1333, CVE-2019-1334, CVE-2019-1335, CVE-2019-1339, CVE-2019-1341, CVE-2019-1342, CVE-2019-1343, CVE-2019-1344, CVE-2019-1346, CVE-2019-1347, CVE-2019-1357, CVE-2019-1358, CVE-2019-1359, CVE-2019-1366, CVE-2019-1371 |
| Product Name | Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
|---|---|
| Vulnerability ID | CVE-2019-0608, CVE-2019-1060, CVE-2019-1166, CVE-2019-1230, CVE-2019-1238, CVE-2019-1239, CVE-2019-1307, CVE-2019-1308, CVE-2019-1311, CVE-2019-1315, CVE-2019-1316, CVE-2019-1317, CVE-2019-1318, CVE-2019-1319, CVE-2019-1320, CVE-2019-1321, CVE-2019-1322, CVE-2019-1323, CVE-2019-1325, CVE-2019-1326, CVE-2019-1333, CVE-2019-1334, CVE-2019-1335, CVE-2019-1336, CVE-2019-1337, CVE-2019-1339, CVE-2019-1340, CVE-2019-1341, CVE-2019-1342, CVE-2019-1343, CVE-2019-1344, CVE-2019-1345, CVE-2019-1346, CVE-2019-1347, CVE-2019-1356, CVE-2019-1357, CVE-2019-1358, CVE-2019-1359, CVE-2019-1365, CVE-2019-1366, CVE-2019-1368, CVE-2019-1371 |
| Product Name | Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
|---|---|
| Vulnerability ID | CVE-2019-0608, CVE-2019-1060, CVE-2019-1166, CVE-2019-1238, CVE-2019-1307, CVE-2019-1308, CVE-2019-1311, CVE-2019-1315, CVE-2019-1316, CVE-2019-1317, CVE-2019-1318, CVE-2019-1319, CVE-2019-1325, CVE-2019-1326, CVE-2019-1333, CVE-2019-1334, CVE-2019-1335, CVE-2019-1338, CVE-2019-1339, CVE-2019-1341, CVE-2019-1342, CVE-2019-1343, CVE-2019-1344, CVE-2019-1346, CVE-2019-1347, CVE-2019-1357, CVE-2019-1358, CVE-2019-1359, CVE-2019-1361, CVE-2019-1362, CVE-2019-1363, CVE-2019-1364, CVE-2019-1365, CVE-2019-1366, CVE-2019-1371 |
| Product Name | Hitachi Virtual Storage Platform Hitachi Virtual Storage Platform VP9500 |
|---|---|
| Vulnerability ID | CVE-2019-1166, CVE-2019-1315, CVE-2019-1318, CVE-2019-1319, CVE-2019-1325, CVE-2019-1326, CVE-2019-1333, CVE-2019-1338, CVE-2019-1339, CVE-2019-1341, CVE-2019-1342, CVE-2019-1344, CVE-2019-1346, CVE-2019-1358, CVE-2019-1359, CVE-2019-1361, CVE-2019-1362, CVE-2019-1363, CVE-2019-1364, CVE-2019-1365 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.
