ГлавнаяУязвимости → CVE-2024-2097
7.5высокая

CVE-2024-2097

Описание

An authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List control, and execute the arbitrary code on the same system where SCMArchivedEventViewerTool is installed in the case of SCM Tools.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=truehttps://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true