Global Link Manager
CVE-2024-0715
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03.
AnalysisAI
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.8.7-03. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-917. Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.8.7-03. Affected products include: Hitachi Global Link Manager. Version information: before 8.8.7.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Global Link Manager
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today