Hitachi Virtual Storage Platform 5100 5200 5500 5600 5100H 5200H 5500H 5600H Vx8
Monthly
Credential exposure in Hitachi Storage Navigator allows authenticated storage administrators to extract insufficiently protected credentials through the network-accessible management interface, potentially enabling lateral movement to systems outside the storage platform's authorization boundary. Affected platforms span the Hitachi VSP 5000-series and G/F/VX-series enterprise storage arrays running pre-patch firmware versions on both the DKCMAIN and SVP components. No public exploit code and no CISA KEV listing have been identified at time of analysis, though the CVSS Scope:Changed metric indicates that exposed credentials could be leveraged against systems well beyond Storage Navigator itself.
Credential exposure in Hitachi Storage Navigator allows authenticated storage administrators to extract insufficiently protected credentials through the network-accessible management interface, potentially enabling lateral movement to systems outside the storage platform's authorization boundary. Affected platforms span the Hitachi VSP 5000-series and G/F/VX-series enterprise storage arrays running pre-patch firmware versions on both the DKCMAIN and SVP components. No public exploit code and no CISA KEV listing have been identified at time of analysis, though the CVSS Scope:Changed metric indicates that exposed credentials could be leveraged against systems well beyond Storage Navigator itself.