CVE-2025-7386
MediumCVSS 6.8Exploitation Probability (EPSS)
Low risk13th percentile — higher than 13% of all known CVEs
Summary
Information exposure vulnerability in Hitachi Storage Navigator. This flaw affects multiple Hitachi Virtual Storage Platform models before specific DKCMAIN and SVP software versions.
Risk Assessment
The risk involves potential unauthorized access to sensitive data stored in the storage system, which could lead to information leakage and breach of data confidentiality for the organization.
Recommendation
Immediately update DKCMAIN and SVP software to the versions specified in the vulnerability description for each storage model. It is also recommended to restrict access to the Storage Navigator interface to trusted networks and users only.
Original NVD description (English source)
Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.

