CVE-2023-5808 Information

Description

SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure through URL manipulation. Authenticated users in Storage Server or combined Server+Storage administrative roles are able to access HNAS configuration backup and diagnostic data that would normally be barred to those specific administrative roles.

Reference

https://support.hitachivantara.com/