CVE Catalog

CVE-2025-7386

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

13th percentile — higher than 13% of all known CVEs

Summary

Information exposure vulnerability in Hitachi Storage Navigator. This flaw affects multiple Hitachi Virtual Storage Platform models before specific DKCMAIN and SVP software versions.

Risk Assessment

The risk involves potential unauthorized access to sensitive data stored in the storage system, which could lead to information leakage and breach of data confidentiality for the organization.

Recommendation

Immediately update DKCMAIN and SVP software to the versions specified in the vulnerability description for each storage model. It is also recommended to restrict access to the Storage Navigator interface to trusted networks and users only.

Original NVD description (English source)

Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS