CVE-2025-7386 PUBLISHED

Information exposure vulnerability in Hitachi Storage Navigator

Assigner: Hitachi
Reserved: 09.07.2025 Published: 29.06.2026 Updated: 29.06.2026

Information exposure vulnerability in Hitachi Storage Navigator.

This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CVSS Score: 6.8

Attack Vector	Network	Scope	Changed
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	High	Integrity Impact	None
User Interaction	None	Availability Impact	None

CVSS 3.1

Product Status

Vendor	Hitachi
Product	Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8
Versions	Default: unaffected affected from 0 to DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00 (excl.) affected from 0 to DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00 (excl.)

Vendor	Hitachi
Product	Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7
Versions	Default: unaffected affected from 0 to DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00 (excl.)

References

https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html

Problem Types

CWE-522 Insufficiently Protected Credentials CWE

Impacts

CAPEC-114 Authentication Abuse