Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
PR:H confirmed by storage admin access requirement; S:C reflects exposed credentials enabling compromise of systems beyond Storage Navigator; no integrity or availability impact applies.
Primary rating from Vendor (Hitachi).
CVSS VectorVendor: Hitachi
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Information exposure vulnerability in Hitachi Storage Navigator.
This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.
AnalysisAI
Credential exposure in Hitachi Storage Navigator allows authenticated storage administrators to extract insufficiently protected credentials through the network-accessible management interface, potentially enabling lateral movement to systems outside the storage platform's authorization boundary. Affected platforms span the Hitachi VSP 5000-series and G/F/VX-series enterprise storage arrays running pre-patch firmware versions on both the DKCMAIN and SVP components. No public exploit code and no CISA KEV listing have been identified at time of analysis, though the CVSS Scope:Changed metric indicates that exposed credentials could be leveraged against systems well beyond Storage Navigator itself.
Technical ContextAI
Hitachi Storage Navigator is the web-based management interface for Hitachi Virtual Storage Platform enterprise storage arrays. The affected firmware components are the DKCMAIN (disk controller main firmware) and SVP (service processor), which jointly handle storage operations and the management plane. The root cause is CWE-522 (Insufficiently Protected Credentials), indicating that credentials accessible within the Storage Navigator interface are stored or transmitted without adequate protection - potentially in cleartext, weakly encoded, or in a location accessible to privileged users beyond their intended scope. The CVSS Scope:Changed metric indicates that credentials exposed through this vulnerability can be used to compromise systems outside the Storage Navigator authorization boundary, such as upstream management hosts or integrated identity systems. Two distinct CPE-identified product families are affected: cpe:2.3:a:hitachi:hitachi_virtual_storage_platform_5100,_5200,_5500,_5600,_5100h,_5200h,_5500h,_5600h,_vx8 and cpe:2.3:a:hitachi:hitachi_virtual_storage_platform_g1000,_g1500,_f1500,_vx7.
RemediationAI
Administrators should upgrade affected VSP 5100/5200/5500/5600/5100H/5200H/5500H/5600H/VX8 systems to DKCMAIN Ver. 90-09-24-00/00 with SVP Ver. 90-09-24/00, or to DKCMAIN Ver. 90-08-86-00/00 with SVP Ver. 90-08-86/00 for the applicable firmware branch; VSP G1000/G1500/F1500/VX7 systems should be upgraded to DKCMAIN Ver. 80-06-96-00/00 with SVP Ver. 80-06-91/00. Full patch guidance and firmware acquisition are available at the Hitachi advisory: https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html. As compensating controls prior to patching, restrict Storage Navigator network reachability to a dedicated, firewalled management VLAN - this directly reduces the AV:N exposure surface even while the credential protection flaw persists. Additionally, audit and minimize accounts with storage administrator privileges (reducing the population of accounts whose compromise enables exploitation), rotate any service account or integration credentials that may have been exposed through the interface, and review administrative session logs for anomalous access patterns. Note that VLAN isolation does not eliminate the risk for insider threats with legitimate management-network access.
Same weakness CWE-522 – Insufficiently Protected Credentials
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210366
GHSA-6x35-h74f-24j6