cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2097,https://securityvulnerability.io/vulnerability/CVE-2024-2097,Malicious Client Can Execute Arbitrary Code Remotely via LINQ Query,"A vulnerability exists in Hitachi Energy's SCM Server where an authenticated malicious client can exploit the system by executing specially crafted LINQ queries. This action allows the user to perform remote code execution, leading to potential manipulation of server operations and unauthorized access to sensitive information. Without proper safeguards, this vulnerability poses a significant risk to organizations using the affected SCM Server versions.",Hitachi,Mach Scm,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T02:26:17.338Z,0
CVE-2024-0400,https://securityvulnerability.io/vulnerability/CVE-2024-0400,Authenticated Remote Code Execution Vulnerability Affects SCM Server,"SCM Software, developed by Hitachi Energy, is designed for both client and server applications. This vulnerability allows an authenticated system manager client to execute LINQ queries on the SCM server for customized filtering. However, a malicious authenticated client can exploit this functionality by sending specially crafted input that bypasses validation checks, enabling the remote execution of arbitrary code on the SCM server. This instance of remote code execution (RCE) poses a significant risk, as it grants attackers the ability to execute any command on the server, potentially compromising the entire system.",Hitachi,Mach Scm,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T02:03:57.253Z,0