SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
Name | Vendor | Start Version | End Version |
---|---|---|---|
System_management_unit_firmware | Hitachi | * | 14.8.7825.01 (excluding) |