January 26, 2022
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2022-301
CVE-2021-22947 | Open Source Curl Remote Code Execution Vulnerability
CVE-2021-36976 | Libarchive Remote Code Execution Vulnerability
CVE-2022-21833 | Virtual Machine IDE Drive Elevation of Privilege Vulnerability
CVE-2022-21834 | Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability
CVE-2022-21835 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2022-21836 | Windows Certificate Spoofing Vulnerability
CVE-2022-21838 | Windows Cleanup Manager Elevation of Privilege Vulnerability
CVE-2022-21839 | Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
CVE-2022-21843 | Windows IKE Extension Denial of Service Vulnerability
CVE-2022-21847 | Windows Hyper-V Denial of Service Vulnerability
CVE-2022-21848 | Windows IKE Extension Denial of Service Vulnerability
CVE-2022-21849 | Windows IKE Extension Remote Code Execution Vulnerability
CVE-2022-21850 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21851 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21852 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-21857 | Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-21858 | Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2022-21859 | Windows Accounts Control Elevation of Privilege Vulnerability
CVE-2022-21860 | Windows App Contracts API Server Elevation of Privilege Vulnerability
CVE-2022-21861 | Task Flow Data Engine Elevation of Privilege Vulnerability
CVE-2022-21862 | Windows Application Model Core API Elevation of Privilege Vulnerability
CVE-2022-21863 | Windows State Repository API Server file Elevation of Privilege Vulnerability
CVE-2022-21864 | Windows UI Immersive Server API Elevation of Privilege Vulnerability
CVE-2022-21865 | Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2022-21866 | Windows System Launcher Elevation of Privilege Vulnerability
CVE-2022-21867 | Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2022-21868 | Windows Devices Human Interface Elevation of Privilege Vulnerability
CVE-2022-21869 | Clipboard User Service Elevation of Privilege Vulnerability
CVE-2022-21870 | Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability
CVE-2022-21871 | Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
CVE-2022-21872 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2022-21873 | Tile Data Repository Elevation of Privilege Vulnerability
CVE-2022-21874 | Windows Security Center API Remote Code Execution Vulnerability
CVE-2022-21875 | Windows Storage Elevation of Privilege Vulnerability
CVE-2022-21876 | Win32k Information Disclosure Vulnerability
CVE-2022-21877 | Storage Spaces Controller Information Disclosure Vulnerability
CVE-2022-21878 | Windows Geolocation Service Remote Code Execution Vulnerability
CVE-2022-21879 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-21880 | Windows GDI+ Information Disclosure Vulnerability
CVE-2022-21881 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-21882 | Win32k Elevation of Privilege Vulnerability
CVE-2022-21883 | Windows IKE Extension Denial of Service Vulnerability
CVE-2022-21885 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2022-21888 | Windows Modern Execution Server Remote Code Execution Vulnerability
CVE-2022-21889 | Windows IKE Extension Denial of Service Vulnerability
CVE-2022-21890 | Windows IKE Extension Denial of Service Vulnerability
CVE-2022-21892 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21893 | Remote Desktop Protocol Remote Code Execution Vulnerability
CVE-2022-21894 | Secure Boot Security Feature Bypass Vulnerability
CVE-2022-21895 | Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2022-21896 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-21897 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-21898 | DirectX Graphics Kernel Remote Code Execution Vulnerability
CVE-2022-21899 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2022-21900 | Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2022-21901 | Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-21902 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-21903 | Windows GDI Elevation of Privilege Vulnerability
CVE-2022-21904 | Windows GDI Information Disclosure Vulnerability
CVE-2022-21905 | Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2022-21906 | Windows Defender Application Control Security Feature Bypass Vulnerability
CVE-2022-21907 | HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2022-21908 | Windows Installer Elevation of Privilege Vulnerability
CVE-2022-21911 | .NET Framework Denial of Service Vulnerability
CVE-2022-21912 | DirectX Graphics Kernel Remote Code Execution Vulnerability
CVE-2022-21913 | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass
CVE-2022-21914 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2022-21915 | Windows GDI+ Information Disclosure Vulnerability
CVE-2022-21916 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-21918 | DirectX Graphics Kernel File Denial of Service Vulnerability
CVE-2022-21919 | Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2022-21920 | Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-21922 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-21924 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability
CVE-2022-21925 | Windows Backup Key Remote Protocol Security Feature Bypass Vulnerability
CVE-2022-21928 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21958 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21959 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21960 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21961 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21962 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
CVE-2022-21963 | Windows Resilient File System (Re FS) Remote Code Execution Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2021-22947, CVE-2021-36976, CVE-2022-21833, CVE-2022-21834, CVE-2022-21835, CVE-2022-21836, CVE-2022-21838, CVE-2022-21839, CVE-2022-21843, CVE-2022-21847, CVE-2022-21848, CVE-2022-21849, CVE-2022-21850, CVE-2022-21851, CVE-2022-21852, CVE-2022-21857, CVE-2022-21858, CVE-2022-21859, CVE-2022-21860, CVE-2022-21861, CVE-2022-21862, CVE-2022-21863, CVE-2022-21864, CVE-2022-21865, CVE-2022-21866, CVE-2022-21867, CVE-2022-21868, CVE-2022-21869, CVE-2022-21870, CVE-2022-21871, CVE-2022-21872, CVE-2022-21873, CVE-2022-21874, CVE-2022-21875, CVE-2022-21876, CVE-2022-21877, CVE-2022-21878, CVE-2022-21879, CVE-2022-21880, CVE-2022-21881, CVE-2022-21882, CVE-2022-21883, CVE-2022-21885, CVE-2022-21888, CVE-2022-21889, CVE-2022-21890, CVE-2022-21892, CVE-2022-21893, CVE-2022-21894, CVE-2022-21895, CVE-2022-21896, CVE-2022-21897, CVE-2022-21898, CVE-2022-21900, CVE-2022-21901, CVE-2022-21902, CVE-2022-21903, CVE-2022-21904, CVE-2022-21905, CVE-2022-21906, CVE-2022-21907, CVE-2022-21908, CVE-2022-21911, CVE-2022-21912, CVE-2022-21913, CVE-2022-21914, CVE-2022-21915, CVE-2022-21916, CVE-2022-21918, CVE-2022-21919, CVE-2022-21920, CVE-2022-21922, CVE-2022-21924, CVE-2022-21925, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2022-21833, CVE-2022-21834, CVE-2022-21835, CVE-2022-21836, CVE-2022-21838, CVE-2022-21843, CVE-2022-21848, CVE-2022-21849, CVE-2022-21850, CVE-2022-21851, CVE-2022-21857, CVE-2022-21859, CVE-2022-21860, CVE-2022-21862, CVE-2022-21864, CVE-2022-21866, CVE-2022-21867, CVE-2022-21868, CVE-2022-21870, CVE-2022-21871, CVE-2022-21873, CVE-2022-21874, CVE-2022-21875, CVE-2022-21876, CVE-2022-21878, CVE-2022-21880, CVE-2022-21881, CVE-2022-21883, CVE-2022-21885, CVE-2022-21889, CVE-2022-21890, CVE-2022-21892, CVE-2022-21893, CVE-2022-21894, CVE-2022-21895, CVE-2022-21897, CVE-2022-21899, CVE-2022-21900, CVE-2022-21901, CVE-2022-21903, CVE-2022-21904, CVE-2022-21905, CVE-2022-21908, CVE-2022-21911, CVE-2022-21913, CVE-2022-21914, CVE-2022-21915, CVE-2022-21916, CVE-2022-21919, CVE-2022-21920, CVE-2022-21922, CVE-2022-21924, CVE-2022-21925, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.