September 9, 2022
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2022-308
CVE-2022-21845 | Windows Kernel Information Disclosure Vulnerability
CVE-2022-22022 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-22023 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
CVE-2022-22024 | Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-22025 | Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
CVE-2022-22026 | Windows CSRSS Elevation of Privilege Vulnerability
CVE-2022-22027 | Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-22031 | Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability
CVE-2022-22034 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-22036 | Performance Counters for Windows Elevation of Privilege Vulnerability
CVE-2022-22037 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
CVE-2022-22038 | Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-22040 | Internet Information Services Dynamic Compression Module Denial of Service Vulnerability
CVE-2022-22041 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-22042 | Windows Hyper-V Information Disclosure Vulnerability
CVE-2022-22043 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVE-2022-22045 | Windows.Devices.Picker.dll Elevation of Privilege Vulnerability
CVE-2022-22047 | Windows CSRSS Elevation of Privilege Vulnerability
CVE-2022-22048 | BitLocker Security Feature Bypass Vulnerability
CVE-2022-22049 | Windows CSRSS Elevation of Privilege Vulnerability
CVE-2022-22050 | Windows Fax Service Elevation of Privilege Vulnerability
CVE-2022-22711 | Windows BitLocker Information Disclosure Vulnerability
CVE-2022-27776 | Insufficiently protected credentials vulnerability might leak authentication or cookie header data
CVE-2022-30202 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
CVE-2022-30203 | Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2022-30205 | Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-30206 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-30208 | Windows Security Account Manager (SAM) Denial of Service Vulnerability
CVE-2022-30209 | Windows IIS Server Elevation of Privilege Vulnerability
CVE-2022-30211 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2022-30212 | Windows Connected Devices Platform Service Information Disclosure Vulnerability
CVE-2022-30213 | Windows GDI+ Information Disclosure Vulnerability
CVE-2022-30220 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-30221 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-30222 | Windows Shell Remote Code Execution Vulnerability
CVE-2022-30223 | Windows Hyper-V Information Disclosure Vulnerability
CVE-2022-30224 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
CVE-2022-30225 | Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability
CVE-2022-30226 | Windows Print Spooler Elevation of Privilege Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2022-21845, CVE-2022-22022, CVE-2022-22023, CVE-2022-22024, CVE-2022-22025, CVE-2022-22026, CVE-2022-22027, CVE-2022-22031, CVE-2022-22034, CVE-2022-22036, CVE-2022-22037, CVE-2022-22038, CVE-2022-22040, CVE-2022-22041, CVE-2022-22042, CVE-2022-22043, CVE-2022-22045, CVE-2022-22047, CVE-2022-22048, CVE-2022-22049, CVE-2022-22050, CVE-2022-22711, CVE-2022-27776, CVE-2022-30202, CVE-2022-30203, CVE-2022-30205, CVE-2022-30206, CVE-2022-30208, CVE-2022-30209, CVE-2022-30211, CVE-2022-30212, CVE-2022-30213, CVE-2022-30220, CVE-2022-30221, CVE-2022-30222, CVE-2022-30223, CVE-2022-30224, CVE-2022-30225, CVE-2022-30226 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2022-21845, CVE-2022-22022, CVE-2022-22023, CVE-2022-22024, CVE-2022-22025, CVE-2022-22026, CVE-2022-22027, CVE-2022-22031, CVE-2022-22034, CVE-2022-22036, CVE-2022-22037, CVE-2022-22038, CVE-2022-22040, CVE-2022-22041, CVE-2022-22042, CVE-2022-22043, CVE-2022-22045, CVE-2022-22047, CVE-2022-22048, CVE-2022-22049, CVE-2022-22050, CVE-2022-22711, CVE-2022-30202, CVE-2022-30203, CVE-2022-30205, CVE-2022-30206, CVE-2022-30208, CVE-2022-30209, CVE-2022-30211, CVE-2022-30213, CVE-2022-30220, CVE-2022-30221, CVE-2022-30223, CVE-2022-30224, CVE-2022-30225, CVE-2022-30226 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.