{"api_version":"1","generated_at":"2026-04-23T11:34:49+00:00","cve":"CVE-2022-3884","urls":{"html":"https://cve.report/CVE-2022-3884","api":"https://cve.report/api/cve/CVE-2022-3884.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-3884","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-3884"},"summary":{"title":"CVE-2022-3884","description":"Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01.","state":"PUBLIC","assigner":"hirt@hitachi.co.jp","published_at":"2023-02-28 03:15:00","updated_at":"2023-11-07 03:51:00"},"problem_types":["CWE-276"],"metrics":[],"references":[{"url":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html","name":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html","refsource":"MISC","tags":[],"title":"Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer: Software Vulnerability Information: Software: Hitachi","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-3884","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3884","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"3884","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hitachi","cpe5":"ops_center_analyzer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"3884","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"x64","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-3884","ASSIGNER":"hirt@hitachi.co.jp","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-276 Incorrect Default Permissions","cweId":"CWE-276"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Hitachi","product":{"product_data":[{"product_name":"Hitachi Ops Center Analyzer","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"10.9.0-01","status":"unaffected"}],"lessThan":"10.9.0-01","status":"affected","version":"10.9.0-00","versionType":"custom"}],"defaultStatus":"unaffected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html","refsource":"MISC","name":"https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"advisory":"hitachi-sec-2023-105","discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-02-28 03:15:00","lastModifiedDate":"2023-11-07 03:51:00","problem_types":["CWE-276"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:hitachi:ops_center_analyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"10.9.0-00","versionEndExcluding":"10.9.1-00","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}