ByteOS Network

NVD Vulnerability Details :

CVE-2024-0400

Deferred

Source-cybersecurity@hitachienergy.com

Published At-27 Mar, 2024 | 03:15

Updated At-15 Apr, 2026 | 00:35

SCM Software is a client and server application. An Authenticated System manager client can execute LINQ query in the SCM server, for customized filtering. An Authenticated malicious client can send a specially crafted code to skip the validation and execute arbitrary code (RCE) on the SCM Server remotely. Malicious clients can execute any command by using this RCE vulnerability.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-94	Secondary	cybersecurity@hitachienergy.com

CWE ID: CWE-94

Type: Secondary

Source: cybersecurity@hitachienergy.com

References

Hyperlink	Source	Resource
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true	cybersecurity@hitachienergy.com	N/A
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true

Source: cybersecurity@hitachienergy.com

Resource: N/A

Hyperlink: https://publisher.hitachienergy.com/preview?DocumentId=8DBD000189&languageCode=en&Preview=true

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History