May 12, 2021
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2021-304
CVE-2021-26413 | Windows Installer Spoofing Vulnerability
CVE-2021-26415 | Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26417 | Windows Overlay Filter Information Disclosure Vulnerability
CVE-2021-27072 | Win32k Elevation of Privilege Vulnerability
CVE-2021-27079 | Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-27086 | Windows Services and Controller App Elevation of Privilege Vulnerability
CVE-2021-27088 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27089 | Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVE-2021-27091 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2021-27092 | Azure AD Web Sign-in Security Feature Bypass Vulnerability
CVE-2021-27093 | Windows Kernel Information Disclosure Vulnerability
CVE-2021-27094 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2021-27095 | Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-27096 | NTFS Elevation of Privilege Vulnerability
CVE-2021-28309 | Windows Kernel Information Disclosure Vulnerability
CVE-2021-28310 | Win32k Elevation of Privilege Vulnerability
CVE-2021-28311 | Windows Application Compatibility Cache Denial of Service Vulnerability
CVE-2021-28312 | Windows NTFS Denial of Service Vulnerability
CVE-2021-28313 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28315 | Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-28316 | Windows WLAN Auto Config Service Security Feature Bypass Vulnerability
CVE-2021-28317 | Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2021-28318 | Windows GDI+ Information Disclosure Vulnerability
CVE-2021-28319 | Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2021-28320 | Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2021-28321 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28322 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28323 | Windows DNS Information Disclosure Vulnerability
CVE-2021-28325 | Windows SMB Information Disclosure Vulnerability
CVE-2021-28326 | Windows AppX Deployment Server Denial of Service Vulnerability
CVE-2021-28327 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28328 | Windows DNS Information Disclosure Vulnerability
CVE-2021-28329 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28330 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28331 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28332 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28333 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28334 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28335 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28336 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28337 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28338 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28339 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28340 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28341 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28342 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28343 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28344 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28345 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28346 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28347 | Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28348 | Windows GDI+ Remote Code Execution Vulnerability
CVE-2021-28349 | Windows GDI+ Remote Code Execution Vulnerability
CVE-2021-28350 | Windows GDI+ Remote Code Execution Vulnerability
CVE-2021-28351 | Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28352 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28353 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28354 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28355 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28356 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28357 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28358 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28434 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28435 | Windows Event Tracing Information Disclosure Vulnerability
CVE-2021-28436 | Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28437 | Windows Installer Information Disclosure Vulnerability
CVE-2021-28438 | Windows Console Driver Denial of Service Vulnerability
CVE-2021-28439 | Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2021-28440 | Windows Installer Elevation of Privilege Vulnerability
CVE-2021-28442 | Windows TCP/IP Information Disclosure Vulnerability
CVE-2021-28443 | Windows Console Driver Denial of Service Vulnerability
CVE-2021-28445 | Windows Network File System Remote Code Execution Vulnerability
CVE-2021-28446 | Windows Portmapping Information Disclosure Vulnerability
CVE-2021-28447 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID |
CVE-2021-26413, CVE-2021-26415, CVE-2021-27072, CVE-2021-27079, CVE-2021-27089, CVE-2021-27093, CVE-2021-27094, CVE-2021-27095, CVE-2021-27096, CVE-2021-28309, CVE-2021-28315, CVE-2021-28316, CVE-2021-28317, CVE-2021-28318, CVE-2021-28320, CVE-2021-28323, CVE-2021-28325, CVE-2021-28326, CVE-2021-28327, CVE-2021-28328, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28347, CVE-2021-28348, CVE-2021-28349, CVE-2021-28350, CVE-2021-28351, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434, CVE-2021-28435, CVE-2021-28436, CVE-2021-28437, CVE-2021-28439, CVE-2021-28440, CVE-2021-28443, CVE-2021-28447 |
Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2021-26413, CVE-2021-26415, CVE-2021-26417, CVE-2021-27072, CVE-2021-27079, CVE-2021-27086, CVE-2021-27088, CVE-2021-27089, CVE-2021-27092, CVE-2021-27093, CVE-2021-27094, CVE-2021-27095, CVE-2021-27096, CVE-2021-28309, CVE-2021-28310, CVE-2021-28311, CVE-2021-28312, CVE-2021-28313, CVE-2021-28315, CVE-2021-28316, CVE-2021-28317, CVE-2021-28318, CVE-2021-28319, CVE-2021-28320, CVE-2021-28321, CVE-2021-28322, CVE-2021-28323, CVE-2021-28325, CVE-2021-28326, CVE-2021-28327, CVE-2021-28328, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28347, CVE-2021-28348, CVE-2021-28349, CVE-2021-28350, CVE-2021-28351, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434, CVE-2021-28435, CVE-2021-28436, CVE-2021-28437, CVE-2021-28438, CVE-2021-28439, CVE-2021-28440, CVE-2021-28442, CVE-2021-28443, CVE-2021-28445, CVE-2021-28446, CVE-2021-28447 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2021-26413, CVE-2021-26415, CVE-2021-27072, CVE-2021-27079, CVE-2021-27089, CVE-2021-27093, CVE-2021-27094, CVE-2021-27095, CVE-2021-27096, CVE-2021-28309, CVE-2021-28315, CVE-2021-28316, CVE-2021-28317, CVE-2021-28318, CVE-2021-28320, CVE-2021-28323, CVE-2021-28325, CVE-2021-28326, CVE-2021-28327, CVE-2021-28328, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28347, CVE-2021-28348, CVE-2021-28349, CVE-2021-28350, CVE-2021-28351, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358, CVE-2021-28434, CVE-2021-28435, CVE-2021-28436, CVE-2021-28437, CVE-2021-28439, CVE-2021-28440, CVE-2021-28443, CVE-2021-28447 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.