Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-5828

Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Tuning Manager: before 8.8.7-00.

Published

2024-08-06T03:15:30.103

Last Modified

2025-01-08T21:25:28.967

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-917
Type: Primary
CWE-917

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hitachi	tuning_manager	< 8.8.7-00	Yes
Operating System	linux	linux_kernel	-	No
Operating System	microsoft	windows	-	No
Operating System	oracle	solaris	-	No

References

https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-140/index.html Vendor Advisory ([email protected])