March 19, 2020
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2020-305
CVE-2018-12126 | Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 | Microarchitectural Load Port Data Sampling
CVE-2018-12130 | Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 | Microarchitectural Data Sampling Uncacheable Memory
CVE-2020-3757 | February 2020 Adobe Flash Security Update
CVE-2020-0655 | Remote Desktop Services Remote Code Execution Vulnerability
CVE-2020-0657 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-0658 | Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2020-0659 | Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2020-0660 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2020-0661 | Windows Hyper-V Denial of Service Vulnerability
CVE-2020-0662 | Windows Remote Code Execution Vulnerability
CVE-2020-0663 | Microsoft Edge Elevation of Privilege Vulnerability
CVE-2020-0665 | Active Directory Elevation of Privilege Vulnerability
CVE-2020-0666 | Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0667 | Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0668 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0669 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0670 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0671 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0672 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0673 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0674 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0675 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0676 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0677 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0678 | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2020-0679 | Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-0680 | Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-0681 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0682 | Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-0683 | Windows Installer Elevation of Privilege Vulnerability
CVE-2020-0685 | Windows COM Server Elevation of Privilege Vulnerability
CVE-2020-0686 | Windows Installer Elevation of Privilege Vulnerability
CVE-2020-0691 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0698 | Windows Information Disclosure Vulnerability
CVE-2020-0701 | Windows Client License Service Elevation of Privilege Vulnerability
CVE-2020-0703 | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-0704 | Windows Wireless Network Manager Elevation of Privilege Vulnerability
CVE-2020-0705 | Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability
CVE-2020-0706 | Microsoft Browser Information Disclosure Vulnerability
CVE-2020-0707 | Windows IME Elevation of Privilege Vulnerability
CVE-2020-0708 | Windows Imaging Library Remote Code Execution Vulnerability
CVE-2020-0709 | DirectX Elevation of Privilege Vulnerability
CVE-2020-0710 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0711 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0712 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0713 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0714 | DirectX Information Disclosure Vulnerability
CVE-2020-0715 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-0716 | Win32k Information Disclosure Vulnerability
CVE-2020-0717 | Win32k Information Disclosure Vulnerability
CVE-2020-0719 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0720 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0721 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0722 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0723 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0724 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0725 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0726 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0727 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0728 | Windows Modules Installer Service Information Disclosure Vulnerability
CVE-2020-0729 | LNK Remote Code Execution Vulnerability
CVE-2020-0730 | Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2020-0731 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0732 | DirectX Elevation of Privilege Vulnerability
CVE-2020-0734 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0735 | Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0736 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-0737 | Windows Elevation of Privilege Vulnerability
CVE-2020-0738 | Media Foundation Memory Corruption Vulnerability
CVE-2020-0739 | Windows Elevation of Privilege Vulnerability
CVE-2020-0740 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0741 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0742 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0743 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0744 | Windows GDI Information Disclosure Vulnerability
CVE-2020-0745 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-0746 | Microsoft Graphics Components Information Disclosure Vulnerability
CVE-2020-0747 | Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2020-0748 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0749 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0750 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0752 | Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0753 | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-0754 | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-0755 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0756 | Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0757 | Windows SSH Elevation of Privilege Vulnerability
CVE-2020-0767 | Scripting Engine Memory Corruption Vulnerability
The following table shows the affected products.
Product Name | Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID | CVE-2020-3757, CVE-2020-0655, CVE-2020-0657, CVE-2020-0658, CVE-2020-0659, CVE-2020-0660, CVE-2020-0662, CVE-2020-0665, CVE-2020-0666, CVE-2020-0667, CVE-2020-0668, CVE-2020-0673, CVE-2020-0674, CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0678, CVE-2020-0679, CVE-2020-0680, CVE-2020-0681, CVE-2020-0682, CVE-2020-0683, CVE-2020-0686, CVE-2020-0691, CVE-2020-0698, CVE-2020-0703, CVE-2020-0704, CVE-2020-0705, CVE-2020-0706, CVE-2020-0707, CVE-2020-0708, CVE-2020-0709, CVE-2020-0715, CVE-2020-0716, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0727, CVE-2020-0729, CVE-2020-0730, CVE-2020-0731, CVE-2020-0732, CVE-2020-0734, CVE-2020-0735, CVE-2020-0737, CVE-2020-0738, CVE-2020-0739, CVE-2020-0742, CVE-2020-0744, CVE-2020-0745, CVE-2020-0747, CVE-2020-0748, CVE-2020-0749, CVE-2020-0752, CVE-2020-0753, CVE-2020-0754, CVE-2020-0755, CVE-2020-0756, CVE-2020-0767 |
Product Name | Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091,
CVE-2020-3757, CVE-2020-0655, CVE-2020-0657, CVE-2020-0658, CVE-2020-0659, CVE-2020-0660, CVE-2020-0661, CVE-2020-0662, CVE-2020-0663, CVE-2020-0665, CVE-2020-0666, CVE-2020-0667, CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672, CVE-2020-0673, CVE-2020-0674, CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0678, CVE-2020-0679, CVE-2020-0680, CVE-2020-0681, CVE-2020-0682, CVE-2020-0683, CVE-2020-0685, CVE-2020-0686, CVE-2020-0691, CVE-2020-0698, CVE-2020-0701, CVE-2020-0703, CVE-2020-0704, CVE-2020-0705, CVE-2020-0706, CVE-2020-0707, CVE-2020-0708, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0714, CVE-2020-0715, CVE-2020-0717, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0727, CVE-2020-0728, CVE-2020-0729, CVE-2020-0730, CVE-2020-0731, CVE-2020-0734, CVE-2020-0735, CVE-2020-0737, CVE-2020-0738, CVE-2020-0739, CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0744, CVE-2020-0745, CVE-2020-0746, CVE-2020-0747, CVE-2020-0748, CVE-2020-0749, CVE-2020-0750, CVE-2020-0752, CVE-2020-0753, CVE-2020-0754, CVE-2020-0755, CVE-2020-0756, CVE-2020-0757, CVE-2020-0767 |
Product Name | Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID | CVE-2020-3757, CVE-2020-0655, CVE-2020-0657, CVE-2020-0658, CVE-2020-0659, CVE-2020-0660, CVE-2020-0662, CVE-2020-0665, CVE-2020-0666, CVE-2020-0667, CVE-2020-0668, CVE-2020-0673, CVE-2020-0674, CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0678, CVE-2020-0679, CVE-2020-0680, CVE-2020-0681, CVE-2020-0682, CVE-2020-0683, CVE-2020-0686, CVE-2020-0691, CVE-2020-0698, CVE-2020-0703, CVE-2020-0704, CVE-2020-0705, CVE-2020-0706, CVE-2020-0707, CVE-2020-0708, CVE-2020-0709, CVE-2020-0715, CVE-2020-0716, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0727, CVE-2020-0729, CVE-2020-0730, CVE-2020-0731, CVE-2020-0732, CVE-2020-0734, CVE-2020-0735, CVE-2020-0737, CVE-2020-0738, CVE-2020-0739, CVE-2020-0742, CVE-2020-0744, CVE-2020-0745, CVE-2020-0747, CVE-2020-0748, CVE-2020-0749, CVE-2020-0752, CVE-2020-0753, CVE-2020-0754, CVE-2020-0755, CVE-2020-0756, CVE-2020-0767 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.