CVE-2024-0400

Name of the Vulnerable Software and Affected Versions SCM Software (affected versions not specified)

Description The issue allows an authenticated malicious client to send specially crafted code to skip validation and execute arbitrary code remotely on the SCM Server. This can be achieved by exploiting the ability of authenticated system manager clients to execute LINQ queries in the SCM server for customized filtering. The malicious client can execute any command using this exploit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.