CVE-2024-0715

Name of the Vulnerable Software and Affected Versions Hitachi Global Link Manager versions prior to 8.8.7-03

Description The issue is related to an Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows, allowing code injection. This vulnerability can be exploited by a remote attacker to execute arbitrary code. The vulnerability is associated with the failure to neutralize special elements used in the expression language operator.

Recommendations For versions prior to 8.8.7-03, update to version 8.8.7-03 or later to resolve the issue. As a temporary workaround, consider restricting access to the expression language operator to minimize the risk of exploitation.