November 24, 2021
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2021-313
CVE-2021-26443 | Microsoft Virtual Machine Bus (VM Bus) Remote Code Execution Vulnerability
CVE-2021-36957 | Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2021-38631 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2021-38665 | Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2021-38666 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2021-41351 | Microsoft Edge (Chrome based) Spoofing on IE Mode
CVE-2021-41356 | Windows Denial of Service Vulnerability
CVE-2021-41366 | Credential Security Support Provider Protocol (Cred SSP) Elevation of Privilege Vulnerability
CVE-2021-41367 | NTFS Elevation of Privilege Vulnerability
CVE-2021-41370 | NTFS Elevation of Privilege Vulnerability
CVE-2021-41371 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2021-41377 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVE-2021-41378 | Windows NTFS Remote Code Execution Vulnerability
CVE-2021-41379 | Windows Installer Elevation of Privilege Vulnerability
CVE-2021-42274 | Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability
CVE-2021-42275 | Microsoft COM for Windows Remote Code Execution Vulnerability
CVE-2021-42276 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-42277 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-42279 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2021-42280 | Windows Feedback Hub Elevation of Privilege Vulnerability
CVE-2021-42283 | NTFS Elevation of Privilege Vulnerability
CVE-2021-42284 | Windows Hyper-V Denial of Service Vulnerability
CVE-2021-42285 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-42288 | Windows Hello Security Feature Bypass Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID |
CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41379, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42279, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285 |
Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2021-26443, CVE-2021-36957, CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41351, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41378, CVE-2021-41379, CVE-2021-42274, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42279, CVE-2021-42280, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285, CVE-2021-42288 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41379, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42279, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.