High severity7.5NVD Advisory· Published Mar 27, 2024· Updated Apr 15, 2026

CVE-2024-2097

Description

An authenticated malicious client can send a special LINQ query to execute arbitrary code remotely (RCE) on the SCM server from List control, and execute the arbitrary code on the same system where SCMArchivedEventViewerTool is installed in the case of SCM Tools.

Affected products

Hitachi/SCMllm-create
osv-coords7 versions
pkg:rpm/almalinux/mysql pkg:rpm/almalinux/mysql-common pkg:rpm/almalinux/mysql-devel pkg:rpm/almalinux/mysql-errmsg pkg:rpm/almalinux/mysql-libs pkg:rpm/almalinux/mysql-server pkg:rpm/almalinux/mysql-test
< 8.0.36-1.el9_3+ 6 more
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3
- (no CPE)range: < 8.0.36-1.el9_3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

publisher.hitachienergy.com/previewnvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000