Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
M o d i f i e d : 7 - M a y
2 0 1 5
Security
Vulnerability
Description
CVE-2015-1635
HTTP.sys Remote
Code Execution
Vulnerability
CVE-2015-0290 & CVE-2015-0291 Open SSL Vulnerability: The multi-block feature in the
CVE-2015-0290 &
CVE-2015-0291 Open ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI
support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a
SSL Vulnerability
denial of service (pointer corruption and application crash) via unspecified vectors.
FREAK vulnerability
(CVE-2015-0204)
March 4,2015
SAMBA
CVE-2015-0240
February 23, 2015
L a s t
M o d i f i e d : 7 - M a y
Security
Vulnerability
2 0 1 5
Description
CVE-2015-0235 -GHOST is a 'buffer overflow' Linux bug affecting the gethostbyname() and
gethostbyname2() function calls in the glibc library. This vulnerability in Linux allows a remote attacker
that is able to make an application call to either of these functions to execute arbitrary code with the
permissions of the user running the application.
GHOST
(CVE-2015-0235)
January 27, 2015
NTP
(CVE-2014-9293
through CVE-20149296)
Network Time Protocol (NTP) Vulnerability (CVE-2014-9293 through CVE-2014-9296): A remote attacker
can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to
be executed with the privilege level of the ntpd process.
POODLE
CVE-2014-3566
September 2014
Shellshock CVE-2014-6271 (and the related issues CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE2014-6277, and CVE-2014-6278): This vulnerability affects UNIX-based Bash (Bourne shell) and has the
potential to arbitrarily execute code within UNIX environments. Some native services and applications may
allow remote unauthenticated attackers to provide environment variables and exploit this issue.
Shellshock
CVE-2014-6271
September 24, 2014
OpenSSL Heartbleed
April 2014
OpenSSL Heartbleed: This is a serious vulnerability in the popular OpenSSL cryptographic software library.
This weakness allows stealing the information protected under normal conditions by the SSL/TLS
encryption used to secure the internet. SSL/TLS provides communication security and privacy over the
internet for applications such as web, email, instant messaging (IM) and some virtual private networks
(VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected
by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the
service providers and to encrypt the traffic, the names and passwords of the users and the actual content.
This allows attackers to eavesdrop on communications, steal data directly from the services and users and
to impersonate services and users.
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Networking
Brocade
VTL
Networking
Networking
Networking
BusTech
Cisco Systems
Emulex
Qlogic
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
Software
CA Integration Module
Software
Software
Software
Software
Affected?
Vulnerable?
Version
More Information
Software
Software
Software
Software
Device Manager
Dual Active ID
Software
Software
Software
Dynamic Replicator
e-Copy
Software
IT Operations Analyzer
Software
IT Operations Analyzer
Advance
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Software
IT Operations Director
Software
IT Operations
Integrator
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Storage Optimization
for MS SharePoint
Software
Vulnerable?
Version
More Information
IT Operations
Repository
LPAR
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Storage Navigator
Modular 2
Software
Affected?
No
No
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Software
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Software
VMware Adapters
Zone Allocation
Manager
Software
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Affected?
No
Vulnerable?
Version
More Information
No
No
No
No
No
Content Platform
Anywhere (HCP-AW)
No
No
HCP S Nodes
No
No
Systems
Systems
No
No
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Affected?
Vulnerable?
Systems
No
No
Systems
Hitachi Universal
Storage VM
No
No
No
No
Systems
HyperStor
No
No
No
No
No
No
SMU
No
No
No
No
No
No
Systems
Systems
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
Version
Systems
Yes
Yes
ALL
Systems
Yes
Yes
ALL
Systems
Yes
Yes
ALL
Yes
Yes
ALL
Yes
Yes
ALL
Yes
Yes
ALL
Systems
Systems
Systems
More Information
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Affected?
Vulnerable?
Version
Systems
Yes
Yes
ALL
Systems
Yes
Yes
ALL
Systems
No
No
Systems
No
No
Systems
Unified Storage VM
(HUS VM)
No
No
Systems
Universal Storage
Platform V (USP V)
No
No
Universal Storage
Platform VM (USP VM)
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Other
Hi-Track Remote
Monitoring system
No
No
Other
No
No
More Information
Management Stack runs on
Windows Server, mitigation
under investigation.
Management Stack runs on
Windows Server, mitigation
under investigation.
System does not contain
Windows OS.
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Type
Product Name
Networking
Brocade
VTL
Networking
Networking
Networking
BusTech
Cisco Systems
Emulex
Qlogic
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
Software
CA Integration Module
Software
Software
Software
Software
Affected?
No
Vulnerable?
No
Version
FOS/NOS/BNA
More Information
http://www.brocade.com/service
s-support/driversdownloads/oscd/index.page?
No
No
No
Command Director
Compute Systems
Manager
Software
Software
Software
Software
Device Manager
Dual Active ID
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(CVE-2015-0290/0291)
Product Type
Product Name
Software
Software
Software
Dynamic Replicator
e-Copy
Software
IT Operations Analyzer
Software
IT Operations Analyzer
Advance
Software
IT Operations Director
Software
IT Operations
Integrator
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Affected?
Vulnerable?
No
No
Version
More Information
IT Operations
Repository
LPAR
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Software
Storage Navigator
Modular 2
Software
Storage Optimization
for MS SharePoint
10
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(CVE-2015-0290/0291)
Product Type
Software
Product Name
Affected?
Vulnerable?
Version
More Information
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
Software
Software
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
11
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(CVE-2015-0290/0291)
Product Type
Product Name
Software
VMware Adapters
Zone Allocation
Manager
Software
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Affected?
No
Vulnerable?
Version
More Information
No
No
No
No
No
All
Content Platform
Anywhere (HCP-AW)
No
No
All
HCP S Nodes
No
No
All
Systems
Systems
No
No
12
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(CVE-2015-0290/0291)
Product Type
Product Name
Affected?
Vulnerable?
No
No
Systems
Systems
Hitachi Universal
Storage VM
No
No
Systems
File & Content
File & Content
File & Content
File & Content
HyperStor
NAS 3x00 (Titan)
NAS 30x0 (Mercury)
NAS 4000 Series
SMU
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
UCP for Microsoft
Exchange
UCP Select for
Microsoft SQL Server
No
No
No
No
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Version
More Information
13
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(CVE-2015-0290/0291)
Product Type
Product Name
Affected?
Vulnerable?
Systems
Systems
No
No
Systems
Unified Storage VM
(HUS VM)
No
No
Systems
Universal Storage
Platform V (USP V)
No
No
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Universal Storage
Platform VM (USP VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Version
More Information
Other
Hi-Track Remote
Monitoring system
Under investigation
Other
Under investigation
Product Name
Affected?
Vulnerable?
Version
More Information
14
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Networking
Brocade
FOS and
NOS not
affected
BNA 12.3.2
and lower.
12.3.2 and
lower if SSL is
turned on.
VTL
BusTech
Networking
Cisco Systems
Yes
Yes
Networking
Networking
Emulex
Qlogic
Yes
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
Software
CA Integration Module
Software
Software
Software
Software
Yes
Software
Software
Software
Software
Device Manager
Dual Active ID
Software
Software
Software
Dynamic Replicator
e-Copy
Software
IT Operations Analyzer
15
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Software
IT Operations Analyzer
Advance
Software
IT Operations Director
Software
IT Operations
Integrator
Software
IT Operations
Repository
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Storage Navigator
Modular 2
Software
Storage Optimization
for MS SharePoint
Software
Vulnerable?
No
No
Version
More Information
LPAR
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Software
Software
Affected?
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
16
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Software
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
NO
NO
All
17
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Software
VMware Adapters
Zone Allocation
Manager
Software
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Systems
Affected?
No
No
Vulnerable?
Version
More Information
No
No
Content Platform
Anywhere (HCP-AW)
HCP S Nodes
No
No
No
No
No
No
All
All
All
18
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Affected?
Vulnerable?
Systems
Systems
Systems
Systems
Hitachi Universal
Storage VM
No
No
Yes
No
Systems
File & Content
File & Content
File & Content
File & Content
HyperStor
NAS 3x00 (Titan)
NAS 30x0 (Mercury)
NAS 4000 Series
SMU
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
Yes
Yes
Yes
Yes
No
No
No
No
No
No
No
No
Systems
Systems
Version
More Information
Systems
NO
NO
ALL
Systems
NO
NO
ALL
Systems
NO
NO
ALL
Systems
NO
NO
ALL
19
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(FREAK)
Product Type
Product Name
Systems
NO
NO
ALL
NO
NO
ALL
NO
NO
ALL
Systems
NO
NO
ALL
Systems
Yes
No
Systems
No
No
Systems
Unified Storage VM
(HUS VM)
No
No
Systems
Universal Storage
Platform V (USP V)
No
No
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Systems
Systems
Universal Storage
Platform VM (USP VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Affected?
Vulnerable?
Other
Hi-Track Remote
Monitoring system
No
No
Other
No
No
Version
More Information
Only effects clients when a server
indicates the client needs to
downgrade the security session.
This does not affect the server.
Only effects clients when a server
indicates the client needs to
downgrade the security session.
This does not affect the server.
Only effects clients when a server
indicates the client needs to
downgrade the security session.
This does not affect the server.
Only effects clients when a server
indicates the client needs to
downgrade the security session.
This does not affect the server.
20
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
21
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Name
Affected?
Vulnerable?
Version
Networking
VTL
Networking
Networking
Networking
Brocade
BusTech
Cisco Systems
Emulex
Qlogic
No
No
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
Software
CA Integration Module
Software
Software
Software
Software
Software
Software
Software
Software
Device Manager
Dual Active ID
Software
Software
Software
Dynamic Replicator
e-Copy
More Information
Under investigation by vendor
No
No
No
No
22
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Software
IT Operations Analyzer
Software
IT Operations Analyzer
Advance
Software
IT Operations Director
Software
IT Operations
Integrator
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Storage Navigator
Modular 2
Software
Storage Optimization
for MS SharePoint
Software
Vulnerable?
IT Operations
Repository
LPAR
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Software
Software
Affected?
Version
More Information
No
No
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
23
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Storage Capacity
Reporter (HSCR)
Storage Fabric Reporter
(HSFR)
Virtual Server Reporter
(HVSR)
File Analytics Reporter
(HFAR)
Software
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
24
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Software
VMware Adapters
Zone Allocation
Manager
Software
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Systems
Affected?
No
Vulnerable?
Version
More Information
No
No
No
No
No
N/A
Systems
No
No
N/A
Systems
No
No
N/A
Systems
Compute Rack
210H/220H/220S
Compute Rack 220
No
No
N/A
No
No
N/A
Systems
25
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Content Platform
Anywhere (HCP-AW)
HCP S Nodes
Systems
Systems
Systems
Systems
Affected?
Vulnerable?
Version
More Information
HCP 6.x and HCP 7.x systems
using the CIFS namespace
gateway with Active Directory
authentication are vulnerable. A
fix for this vulnerability will be
included in the 7.1.1 maintenance
release and a hotfix for 6.x will be
available by 3wwwww March
31st.
HCP Anywhere does not run
Samba and is not vulnerable
Under review.
All
Yes
Yes
Hitachi Universal
Storage VM
No
No
No
No
Systems
HyperStor
No
No
No LINUX
26
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Affected?
Vulnerable?
No
No
No
No
SMU
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
UCP for Microsoft
Exchange
UCP Select for
Microsoft SQL Server
UCP Select for Oracle
Database
UCP Pro (UCP 4000 /
4000e) for VMware
vSphere
UCP Pro (UCP
4000/4000e) for
Microsoft Private Cloud
UCP Select for SAP
HANA
Systems
No
No
Systems
Unified Storage VM
(HUS VM)
No
No
Version
More Information
27
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(SAMBA)
Product Type
Product Name
Affected?
Vulnerable?
Systems
Universal Storage
Platform V (USP V)
No
No
No
No
No
No
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Other
Other
Universal Storage
Platform VM (USP VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Hi-Track Remote
Monitoring system
Remote Access Control
Center (RACC)
Version
More Information
28
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Buffer Overflow
The following table references Hitachi Data Systems products and solutions affected by the worldwide
security issue known as NTP. Open items are actively updated; please review this table frequently for new
details.
(GHOST)
Product Type
Product Name
Networking
Brocade
VTL
BusTech
Networking
Affected?
Vulnerable?
Version
No
No
Cisco Systems
Yes
Yes
Networking
Networking
Emulex
Qlogic
No
No
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
More Information
http://www.brocade.com/downl
oads/documents/technical_supp
ort_bulletins/brocadeassessment-gnu-c-library-sa.pdf
Vendor investigation 1/27/15
Bug CSCus68360 is fixed in
v5.2(8f) and 6.2(11b)
No
Software
CA Integration Module
Software
Software
Software
Software
Compute Systems
Manager
Software
Software
Yes
Yes
Fixed with
Service Pak 9
http://documentation.commvault
.com/commvault/v10/article?p=a
nnouncement/announcements.ht
m
29
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Software
Software
Device Manager
Dual Active ID
Software
Software
Software
Dynamic Replicator
e-Copy
Software
IT Operations Analyzer
Software
IT Operations Analyzer
Advance
Software
IT Operations Director
Software
IT Operations
Integrator
Software
IT Operations
Repository
Software
LPAR
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Software
Affected?
Vulnerable?
Version
More Information
Tbd
Tbd
30
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Software
Storage Navigator
Modular 2
No
No
Software
Storage Optimization
for MS SharePoint
No
No
Yes
Yes
Software
Affected?
Vulnerable?
Version
More Information
SNM2 does not contain Linux
OS/glibc. Recommend customer
upgrade to fixed OS/glibc and
then restart SNM2 service.
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Software
Tiered Storage
Manager for MF
Software
Software
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
ALL
Under Investigation
31
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Software
Affected?
Vulnerable?
Version
More Information
VTL
Software
Software
VMware Adapters
Zone Allocation
Manager
No
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Systems
No
No
No
32
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
33
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
34
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Content Platform
Anywhere (HCP-AW)
Affected?
Yes
Yes
Vulnerable?
No
No
Version
All
More Information
35
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Affected?
Vulnerable?
Systems
Yes
Yes
Systems
No
No
Yes
Yes
Version
All
All versions
prior to
03-01-00-00
Yes
No
03-01-00-00
and above
Systems
Yes
Yes
All
Systems
Hitachi Universal
Storage VM
No
No
Yes
No
Systems
HyperStor
More Information
HDDS does not use the
gethostbyname function of the
glibc, therefore under normal
operations of HDDS, it is not
affected. However, HDS and Red
Hat recommend the installation
of RHEL 6.2 as there is a security
update which should be applied.
"GHOST: glibc vulnerability (CVE2015-0235)
"https://access.redhat.com/articl
es/1332213
"glibc security update RHSA2015:0099"https://rhn.redhat.co
m/errata/RHSA-2015-0099.html
36
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Affected?
Vulnerable?
No
Yes
Yes
Yes
No
No
No
No
No
No
No
No
No
No
No
No
No
No
Yes
Yes
Yes
Yes
Yes
Yes
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Version
More Information
No LINUX
See Tech Bulletin - 82081
See Tech Bulletin - 82081
See Tech Bulletin - 82081
Product does not contain Linux
OS, nor glibc library
Product does not contain Linux
OS, nor glibc library
No
No
Systems
No
No
Systems
Yes
No
Systems
No
No
37
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(GHOST)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Systems
Unified Storage VM
(HUS VM)
No
No
No
No
No
No
No
No
No
No
No
No
Universal Storage
Platform V
Systems
(USP V)
Systems
Universal Storage
Platform VM (USP VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Systems
Systems
Systems
Other
Hi-Track Remote
Monitoring system
No
No
Other
No
No
38
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Product Name
Affected?
Vulnerable?
Version
More Information
Networking
Brocade
No
No
VTL
BusTech
Networking
Cisco Systems
MDS products
are affected
Networking
Emulex
Networking
Qlogic
Software
Application Protector
Software
Arkivio
Business Continuity
Manager
Software
Yes
Yes
No
No
No
Software
CA Integration Module
Software
Software
Software
Software
Software
Software
Software
Software
Software
Device Manager
Dual Active ID
Software
39
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
No dependency on NTP for
Scout.(only if you use it to sync
with a time server for sync.
Software
Dynamic Replicator
Software
e-Copy
Software
IT Operations Analyzer
Software
IT Operations Analyzer
Advance
Software
IT Operations Director
Software
IT Operations
Integrator
Software
Software
Software
Software
Software
Software
Software
IT Operations
Repository
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
40
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Software
Software
Software
Software
Software
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
Software
SpectraLogic
Software
Software
Storage Navigator
Modular 2
Software
Storage Optimization
for MS SharePoint
Software
Affected?
Vulnerable?
Yes
Low
No
No
Version
Verde
More Information
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
41
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Software
Software
Tuning Manager
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
Software
Software
Affected?
Vulnerable?
Version
Yes
Yes
All Versions
More Information
VMware Adapters
Zone Allocation
Manager
Systems
Adaptable Modular
Storage (AMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
No
No
No
No
42
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Systems
43
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Systems
Systems
Affected?
No
Vulnerable?
Version
More Information
No
Data Ingestor
No
No
Systems
Hitachi Universal
Storage VM
No
No
Yes
Systems
File & Content
HyperStor
NAS 3x00 (Titan)
No
Yes
Yes
SMU
Yes
No
Limited (no
Internet)
Limited (no
Internet)
Limited (no
Internet)
NAS Platform F
No
No
No
No
No
No
No
No
No
No
No
No
Systems
Systems
Systems
Systems
Systems
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
UCP for Microsoft
Exchange
UCP Select for
Microsoft SQL Server
UCP Select for Oracle
Database
All GA
All GA
All GA
44
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Systems
Systems
Systems
Systems
Product Name
UCP Pro (UCP 4000 /
4000e) for VMware
vSphere
UCP Pro (UCP
4000/4000e) for
Microsoft Private Cloud
UCP Select for SAP
HANA
Affected?
Vulnerable?
Yes
Yes
No
No
No
No
Version
More Information
No
No
Systems
No
No
Systems
Systems
No
No
Systems
Unified Storage VM
(HUS VM)
No
No
Universal Storage
Platform V
No
No
Systems
(USP V)
Systems
Universal Storage
Platform VM (USP VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Virtual Storage
Platform (VSP)
Workgroup Modular
Storage WMS
Systems
Systems
Systems
No
No
No
No
No
No
No
No
45
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(NTP)
Product Type
Product Name
Affected?
Vulnerable?
Other
Hi-Track Remote
Monitoring system
No
No
Other
No
No
Version
More Information
Poodle CVE-2014-3566
The following table references Hitachi Data Systems products and solutions affected by the worldwide security
issue known as Poodle. Open items are actively updated; please review this table frequently for new details.
(POODLE)
Product
Type
Product Name
Yes
FOS 6.x
FOS 7.x
Yes
Yes
NX-OS
5.x; 6.x
Networking Emulex
No
No
Networking Brocade
VTL
BusTech
Networking Qlogic
Yes
Software
Application Protector
Software
Arkivio
Software
Business Continuity
Manager
Software
CA Integration
Module
Yes
Yes
No
8.0.14.12
and
below
All
More Information
Fix issued in the following FOS releases:
6.4.3g; 7.02f; 7.1.2c; 7.2.1d; 7.3.0c
Under Investigation as of 10-16
Fixed in the following NXOS releases: 5.2(8e),
6.2(9a) and 6.2(11b)
Fixed in firmware 8.0.14.13.00
46
L a s t
(POODLE)
Product
Type
Software
Software
Software
M o d i f i e d : 7 - M a y
2 0 1 5
Product Name
More Information
Yes
Has statement.
No
Low
No
Yes
Yes
Software
Compute Systems
Manager
Software
Software
Data Instance
Manager
Software
Software
Device Manager
Software
Dual Active ID
Software
Dynamic Link
Manager
Software
Software
Dynamic Replicator
e-Copy
File &
Content
Software
IT Operations
Analyzer
Yes
Software
IT Operations
Analyzer Advance
Yes
Software
IT Operations Director
Yes
No
47
L a s t
(POODLE)
Product
Type
M o d i f i e d : 7 - M a y
Product Name
Software
IT Operations
Integrator
No
Software
IT Operations
Repository
No
Software
Software
Software
Software
Software
Microsoft Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection Manager
Software
Replication Manager
Software
Software
Software
Software
Software
Software
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for
Petrel
Software
Software
Storage Navigator
Modular 2
Software
Storage Optimization
for MS SharePoint
Software
Software
2 0 1 5
More Information
Need to disable SSL v3 on server side and use
other secure communication method with
client side.
Need to disable SSL v3 on server side and use
other secure communication method with
client side.
Yes
No
Under Investigation as of 10-16
Yes
Low Risk
V4 and
above for
DF850
V21 and
above for
DF800
Storage Services
Manager
Storage Viewer Suite
Backup Services
Manager (HBSM)
48
L a s t
(POODLE)
Product
Type
M o d i f i e d : 7 - M a y
Product Name
2 0 1 5
More Information
Storage Capacity
Reporter (HSCR)
Storage Fabric
Reporter (HSFR)
Virtual Server Reporter
(HVSR)
File Analytics Reporter
(HFAR)
Software
StorFirst Apollo
Streaming Data
Platform
Symantec Adapters
No
Software
Tiered Storage
Manager
Yes
Software
Tiered Storage
Manager for MF
Software
Tuning Manager
Yes
Software
TurboLUN
Software
UCP Orchestration
Software
Software
Virtual Infrastructure
Integrator
Software
VTL
Software
VMware Adapters
Software
Software
Not
affected
49
L a s t
(POODLE)
Product
Type
M o d i f i e d : 7 - M a y
Product Name
Software
Zone Allocation
Manager
Systems
Adaptable/Workgroup Not
affected
Modular Storage
(AMS/WMS)
Systems
Adaptable Modular
Storage 2000
Systems
Capacity Optimization
Systems
Systems
Systems
Systems
Systems
File &
Content
Systems
Systems
File &
Content
Data Ingestor
File &
Content
High-performance
NAS Platform
Systems
Hitachi Universal
Storage VM
File &
Content
Systems
File &
Content
2 0 1 5
Yes
Low Risk
V04 and
later
More Information
082030
081645
Yes
Low Risk
All
Yes
Low Risk
All
81729
YES
Low Risk
Release
8.x
50
L a s t
(POODLE)
Product
Type
File &
Content
File &
Content
File &
Content
File &
Content
Systems
Systems
File &
Content
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
M o d i f i e d : 7 - M a y
2 0 1 5
Product Name
YES
Low Risk
YES
Low Risk
SMU
YES
Low Risk
NAS Platform F
Yes
Low Risk
All
Low Risk
V04 and
later
Network Storage
Controller (NSC55)
Simple Modular
Storage (SMS)
More Information
Prior to
12.1
Prior to
12.1
Prior to
12.2
TBD
Yes
Titan
UCP for Microsoft
Exchange
UCP for Microsoft SQL
Server
UCP for Oracle
Database
UCP Pro for VMware
vSphere
UCP Pro for VMware
vSphere
UCP Select for Citrix
XenDesktop
UCP Pro for VMware
vSphere
UCP Select for Citrix
XenDesktop
UCP Select for
Microsoft Private
Cloud
Systems
Systems
51
L a s t
(POODLE)
Product
Type
Systems
Systems
Systems
Systems
Systems
M o d i f i e d : 7 - M a y
Product Name
File &
Content
Systems
Unified Storage VM
(HUS VM)
Systems
More Information
Yes
Low Risk
All
082030
Yes
Low Risk
All
81729
All
81729
Yes
Low Risk
Yes
Low Risk
All
81729
Yes
Low Risk
All
All
81729
Universal Storage
Platform V
(USP V)
Systems
Systems
Systems
2 0 1 5
Universal Storage
Platform VM (USP
VM)
Hitachi Virtual Storage
Platform G1000 (VSP
G1000)
Systems
Virtual Storage
Platform (VSP)
Yes
Low Risk
Other
Hi-Track Remote
Monitoring system
No
No
Other
Remote Access
Control Center (RACC)
No
No
52
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
53
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
Shellshock CVE-2014-6271
The following table references Hitachi Data Systems products and solutions affected by the worldwide security
issue known as Shellshock. Open items are actively updated; please review this table frequently for new details.
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Version
More Information
Networking
Brocade
Yes
Yes
VTL
Networking
BusTech
Cisco Systems
TBD
Yes
Yes
NXOS 5.x;
6.x
Networking
Networking
Networking
Ctera
Emulex
Qlogic
No
No
Yes
No
Yes
Software
Application
Protector
Arkivio
Business
Continuity
Manager
CA Integration
Module
Clinical
Repository Karos
Clinical
Repository Visbion
Command
Director
Compute
Systems
Manager
Data Discovery
Suite for MS
SharePoint
Data Instance
Manager
Data Protection
Suite
TBD
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
TBD
TBD
8.0.14.12
and below
Under investigation
TBD
No
No
No
No
TBD
TBD
TBD
54
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Software
Software
Software
Device Manager
Dual Active ID
Dynamic Link
Manager
Dynamic
Replicator
e-Copy
Extension Pack
for Secure FTP
IT Operations
Analyzer
IT Operations
Analyzer
Advance
IT Operations
Director
IT Operations
Integrator
IT Operations
Repository
Microsoft
Adapters
NanoCopy
Oracle Adapters
Power Saving
Protection
Manager
Replication
Manager
Replication
Monitor
SAP Adapters
Sepaton
Server
Conductor
Seven10
SpectraLogic
Storage Adapter
for Petrel
No
TBD
No
Software
Software
File & Content
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Vulnerable?
No
TBD
Yes
Version
More Information
Under investigation
No
Alert #81524
TBD
TBD
TBD
TBD
TBD
TBD
TBD
TBD
TBD
No
No
No
TBD
TBD
TBD
No
TBD
TBD
55
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Software
Storage
Navigator
Modular 2
Storage
Optimization for
MS SharePoint
Storage Services
Manager
Storage Viewer
Suite
No
No
Software
Software
Software
Version
More Information
81554
TBD
TBD
No
Backup Services
Manager (HBSM)
Storage Capacity
Reporter (HSCR)
Storage Fabric
Reporter (HSFR)
Virtual Server
Reporter (HVSR)
File Analytics
Reporter (HFAR)
Software
Software
Software
Software
Software
Software
Software
StorFirst Apollo
Streaming Data
Platform
Symantec
Adapters
Tiered Storage
Manager
Tiered Storage
Manager for MF
Tuning Manager
TurboLUN
No
TBD
TBD
No
No
No
TBD
56
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Software
UCP
Orchestration
Software
Yes
Yes
Version
More Information
If you are using versions of Bash in
operating systems based on SUSE
Linux Enterprise 9, 10 or 11, your
servers are potentially at risk. If
your systems are compromised, we
recommend that you patch your
systems right away.
Follow this link for the security
update from SUSE:
https://www.suse.com/support/up
date/announcement/2014/susesu-20141247-1.html
Software
Software
VTL
Software
Software
Systems
Systems
Systems
Systems
Systems
Systems
Virtual
Infrastructure
Integrator
Virtual Tape
Library Diligent
Virtual Tape
Library
FalconStor
VMware
Adapters
Zone Allocation
Manager
Adaptable
Modular
Storage (AMS)
Adaptable
Modular
Storage 2000
Capacity
Optimization
Compute Blade
2000
Compute Blade
500
Compute Blade
320
TBD
TBD
Yes
Yes
Current
Patch is available on
falconstore.com
TBD
TBD
No
81554
No
81554
No
No
TBD
No
No
N/A
No
No
N/A
No
No
N/A
57
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Version
Systems
Compute Rack
210H/220H/220
S
Compute Rack
220
Content
Platform (HCP)
and Content
Platform
Anywhere (HCPAW)
Data Discovery
Suite
Data Discovery
Suite for MS
SharePoint
Data Ingestor
No
No
N/A
No
No
N/A
No
No
All
No
Dependent
Yes
No
Highperformance
NAS Platform
Hitachi
Universal
Storage VM
HUS File
Module
HyperStor
Mercury
NAS 4000 Series
NAS Platform
NAS Platform F
Network
Storage
Controller
(NSC55)
Simple Modular
Storage (SMS)
Titan
Yes
No
Alert #81511
No
No
81554
Yes
No
Alert #81511
TBD
Yes
Yes
Yes
Yes
No
No
No
No
No
No
Alert #81511
Alert #81511
Alert #81511
Alert #81528
81554
No
No
81554
Yes
No
Alert #81511
Systems
File & Content
Systems
Systems
Systems
Systems
File & Content
More Information
Alert #81528
No
All
Alert #81520
58
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Systems
UCP for
Microsoft
Exchange
UCP for
Microsoft SQL
Server
UCP for Oracle
Database
UCP Pro for
VMware
vSphere
UCP Select for
Citrix
XenDesktop
UCP Select for
Microsoft
Private Cloud
UCP Select for
Oracle
UCP Select for
SAP HANA
No
No
No
No
No
No
Yes
Yes
No
No
No
No
No
No
Yes
Yes
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Version
More Information
Under investigation
SUSE Linux
Enterprise
9, 10, 11
https://www.suse.com/support/up
date/announcement/2014/susesu-20141247-1.html
Systems
Systems
Systems
No
No
No
No
No
No
81554
59
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
(Shellshock)
Product Type
Product Name
Affected?
Vulnerable?
Unified Storage
File Module
(HUS FM)
Unified Storage
VM (HUS VM)
Universal
Storage
Platform V
(USP V)
Universal
Storage
Platform VM
(USP VM)
Hitachi Virtual
Storage
Platform G1000
(VSP G1000)
Virtual Storage
Platform (VSP)
Workgroup
Modular
Storage WMS
Hi-Track
Remote
Monitoring
system
Remote Access
Control Center
(RACC)
Yes
No
81511
No
No
81554
No
No
81554
No
No
81554
No
No
81554
No
No
81554
No
No
81554
No
No
No
No
Systems
Systems
Systems
Systems
Systems
Systems
Other
Other
Version
More Information
60
L a s t
M o d i f i e d : 7 - M a y
2 0 1 5
OpenSSL Heartbleed
The following table references Hitachi Data Systems products and accessories affected by the worldwide security issue
known as OpenSSL Heartbleed. Open items are actively updated; please review this table frequently for new details.
(Heartbleed)
Product Type
Networking
Networking
Networking
Networking
Networking
Networking
Networking
Networking
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Product Name
Asempra
Brocade
BusTech
Ciena
Cisco Systems
Ctera
Emulex
Qlogic
Application Protector
Arkivio
Business Continuity Manager
CA Integration Module
Clinical Repository - Karos
Clinical Repository - Visbion
Command Director
Compute Systems Manager
Data Discovery Suite for MS
SharePoint
Data Instance Manager
Data Protection Suite
Device Manager
Dual Active ID
Dynamic Link Manager
Dynamic Replicator
e-Copy
Extension Pack for Secure FTP
IT Operations Analyzer
IT Operations Analyzer Advance
IT Operations Director
IT Operations Integrator
IT Operations Repository
Microsoft Adapters
NanoCopy
Affected?
No
No
No
No
Version
FOS, NOS, BNA
See Cisco.com.
Advisory ID: cisco-sa-20140409heartbleed
No
No
No
No
No
No
No
Yes
No
No
More Information
v1, v2
680669
All
No
No
No
No
No
Yes
No
No
No
No
No
No
61
L a s t
(Heartbleed)
Product Type
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
M o d i f i e d : 7 - M a y
Product Name
Oracle Adapters
Power Saving
Protection Manager
Replication Manager
Replication Monitor
SAP Adapters
Sepaton
Server Conductor
Seven10
SpectraLogic
Storage Adapter for Petrel
Storage Navigator Modular 2
Storage Optimization for MS
SharePoint
Storage Services Manager
Storage Viewer Suite
Affected?
No
2 0 1 5
Version
More Information
No
No
No
No
No
No
No
No
No
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Software
Systems
Systems
Systems
Systems
Systems
Systems
StorFirst Apollo
Streaming Data Platform
Symantec Adapters
Tiered Storage Manager
Tiered Storage Manager for MF
Tuning Manager
TurboLUN
UCP Orchestration Software
Virtual Infrastructure Integrator
Virtual Tape Library Diligent
Virtual Tape Library FalconStor
VMware Adapters
Zone Allocation Manager
5700 Series
5800 Series
7000 Series
9200 Series
9500 V Series
9900 Series
No
No
No
No
Yes
No
No
No
No
2.x, 3.x
080667
No
No
No
No
No
No
62
L a s t
(Heartbleed)
Product Type
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Systems
M o d i f i e d : 7 - M a y
Product Name
9900 V Series
Adaptable Modular Storage
(AMS)
Adaptable Modular Storage 2000
Capacity Optimization
Compute Blade 2000
Compute Blade 500
Compute Blade 320
Compute Rack 210H/220H/220S
Compute Rack 220
Content Archive Platform
Content Platform (HCP)
Content Platform Anywhere
(HCP-AW)
Data Discovery Suite
Data Discovery Suite for MS
SharePoint
Data Ingestor
Essential NAS Platform
High-performance NAS Platform
Hitachi Universal Storage VM
HUS File Module
HyperStor
Mercury
NAS 4000 Series
NAS Platform
NAS Platform F
Network Storage Controller
(NSC55)
Simple Modular Storage (SMS)
Titan
UCP for Microsoft Exchange
UCP for Microsoft SQL Server
UCP for Oracle Database
UCP Pro for VMware vSphere
UCP Select for Citrix XenDesktop
UCP Select for Microsoft Private
Cloud
UCP Select for Oracle
UCP Select for SAP HANA
Affected?
No
2 0 1 5
Version
More Information
No
No
Yes
Yes
No
Yes
No
No
No
080852
080850
080854
No
No
No
No
No
No
Yes
Yes
Yes
Yes
Yes
No
No
No
No
No
No
No
Yes
No
No
No
Yes
11.1.3200.00 +
080654
11.1.3200.00 +
11.1.3200.00 +
11.1.3200.00 +
080654
080654
080654
080667
63
L a s t
(Heartbleed)
Product Type
M o d i f i e d : 7 - M a y
Systems
Yes
VMware 5.5
Systems
Systems
Yes
No
VMware 5.5
More Information
Please refer to HNAS product for
resolution. 080654
See VMware.com; No for
VMware 5.1
See VMware.com; No for
VMware 5.1
Yes
Yes
11.1.3200.00 +
OSS V03
080654
080650
OSS V01
OSS V06
080650
080650
Systems
Systems
Systems
Systems
Systems
Systems
Systems
Other
Other
Product Name
Affected?
2 0 1 5
Version
No
No
Yes
Yes
No
No
No
64