December 2, 2022
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2022-312
CVE-2022-23824 | AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions
CVE-2022-37992 | Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-38015 | Windows Hyper-V Denial of Service Vulnerability
CVE-2022-41039 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41045 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41047 | Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41048 | Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41049 | Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41050 | Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
CVE-2022-41052 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-41053 | Windows Kerberos Denial of Service Vulnerability
CVE-2022-41054 | Windows Resilient File System (Re FS) Elevation of Privilege Vulnerability
CVE-2022-41055 | Windows Human Interface Device Information Disclosure Vulnerability
CVE-2022-41056 | Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
CVE-2022-41057 | Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2022-41058 | Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2022-41064 | .NET Framework Information Disclosure Vulnerability
CVE-2022-41073 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-41086 | Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-41088 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41090 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-41091 | Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41093 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41095 | Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-41096 | Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-41097 | Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
CVE-2022-41098 | Windows GDI+ Information Disclosure Vulnerability
CVE-2022-41099 | BitLocker Security Feature Bypass Vulnerability
CVE-2022-41100 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41101 | Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41102 | Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41109 | Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41113 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2022-41118 | Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41125 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2022-41128 | Windows Scripting Languages Remote Code Execution Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2022-23824, CVE-2022-37992, CVE-2022-38015, CVE-2022-41039, CVE-2022-41045, CVE-2022-41047, CVE-2022-41048, CVE-2022-41049, CVE-2022-41050, CVE-2022-41052, CVE-2022-41053, CVE-2022-41054, CVE-2022-41055, CVE-2022-41056, CVE-2022-41057, CVE-2022-41058, CVE-2022-41064, CVE-2022-41073, CVE-2022-41086, CVE-2022-41088, CVE-2022-41090, CVE-2022-41091, CVE-2022-41093, CVE-2022-41095, CVE-2022-41096, CVE-2022-41097, CVE-2022-41098, CVE-2022-41099, CVE-2022-41100, CVE-2022-41101, CVE-2022-41102, CVE-2022-41109, CVE-2022-41113, CVE-2022-41118, CVE-2022-41125, CVE-2022-41128 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2022-23824, CVE-2022-37992, CVE-2022-38015, CVE-2022-41039, CVE-2022-41045, CVE-2022-41047, CVE-2022-41048, CVE-2022-41049, CVE-2022-41050, CVE-2022-41052, CVE-2022-41053, CVE-2022-41056, CVE-2022-41057, CVE-2022-41058, CVE-2022-41064, CVE-2022-41073, CVE-2022-41086, CVE-2022-41088, CVE-2022-41090, CVE-2022-41091, CVE-2022-41093, CVE-2022-41095, CVE-2022-41097, CVE-2022-41098, CVE-2022-41099, CVE-2022-41100, CVE-2022-41101, CVE-2022-41102, CVE-2022-41109, CVE-2022-41118, CVE-2022-41125, CVE-2022-41128 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.