Security Advisory

CVE-2024-0400

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-27 02:03:57

Last updated 2025-10-16 08:07:33

Assigner Hitachi Energy

State PUBLISHED

Description

SCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customized filtering. An Authenticated malicious client can send a specially crafted code to skip the validation and execute arbitrary code (RCE) on the SCM Server remotely. Malicious clients can execute any command by using this RCE vulnerability.

← Browse all CVEs View on cve.org ↗