ГлавнаяУязвимости → CVE-2024-0400
7.5высокая

CVE-2024-0400

Описание

SCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customized filtering. An Authenticated malicious client can send a specially crafted code to skip the validation and execute arbitrary code (RCE) on the SCM Server remotely. Malicious clients can execute any command by using this RCE vulnerability.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=truehttps://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true