October 15, 2021
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2021-311
CVE-2021-26435 | Windows Scripting Engine Memory Corruption Vulnerability
CVE-2021-36954 | Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2021-36955 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-36959 | Windows Authenticode Spoofing Vulnerability
CVE-2021-36960 | Windows SMB Information Disclosure Vulnerability
CVE-2021-36961 | Windows Installer Denial of Service Vulnerability
CVE-2021-36962 | Windows Installer Information Disclosure Vulnerability
CVE-2021-36963 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-36964 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-36965 | Windows WLAN Auto Config Service Remote Code Execution Vulnerability
CVE-2021-36966 | Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2021-36967 | Windows WLAN Auto Config Service Elevation of Privilege Vulnerability
CVE-2021-36969 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability
CVE-2021-36972 | Windows SMB Information Disclosure Vulnerability
CVE-2021-36973 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
CVE-2021-36974 | Windows SMB Elevation of Privilege Vulnerability
CVE-2021-36975 | Win32k Elevation of Privilege Vulnerability
CVE-2021-38624 | Windows Key Storage Provider Security Feature Bypass Vulnerability
CVE-2021-38628 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2021-38629 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
CVE-2021-38630 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-38632 | BitLocker Security Feature Bypass Vulnerability
CVE-2021-38633 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-38634 | Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2021-38635 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability
CVE-2021-38636 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability
CVE-2021-38637 | Windows Storage Information Disclosure Vulnerability
CVE-2021-38638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2021-38639 | Win32k Elevation of Privilege Vulnerability
CVE-2021-40444 | Microsoft MSHTML Remote Code Execution Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID |
CVE-2021-26435, CVE-2021-36955, CVE-2021-36959, CVE-2021-36960, CVE-2021-36961, CVE-2021-36962, CVE-2021-36963, CVE-2021-36964, CVE-2021-36965, CVE-2021-36967, CVE-2021-36969, CVE-2021-36972, CVE-2021-36973, CVE-2021-36974, CVE-2021-38624, CVE-2021-38628, CVE-2021-38629, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38635, CVE-2021-38636, CVE-2021-38638, CVE-2021-38639, CVE-2021-40444 |
Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2021-26435, CVE-2021-36954, CVE-2021-36955, CVE-2021-36959, CVE-2021-36960, CVE-2021-36961, CVE-2021-36962, CVE-2021-36963, CVE-2021-36964, CVE-2021-36965, CVE-2021-36966, CVE-2021-36967, CVE-2021-36969, CVE-2021-36972, CVE-2021-36973, CVE-2021-36974, CVE-2021-36975, CVE-2021-38624, CVE-2021-38628, CVE-2021-38629, CVE-2021-38630, CVE-2021-38632, CVE-2021-38633, CVE-2021-38634, CVE-2021-38635, CVE-2021-38636, CVE-2021-38637, CVE-2021-38638, CVE-2021-38639, CVE-2021-40444 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2021-26435, CVE-2021-36955, CVE-2021-36959, CVE-2021-36960, CVE-2021-36961, CVE-2021-36962, CVE-2021-36963, CVE-2021-36964, CVE-2021-36965, CVE-2021-36967, CVE-2021-36969, CVE-2021-36972, CVE-2021-36973, CVE-2021-36974, CVE-2021-38624, CVE-2021-38628, CVE-2021-38629, CVE-2021-38630, CVE-2021-38633, CVE-2021-38634, CVE-2021-38635, CVE-2021-38636, CVE-2021-38638, CVE-2021-38639, CVE-2021-40444 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.