CVE-2025-1484
6.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N
Summary
A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully exploited an attacker could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will cause JavaScript code supplied by the attacker to execute within the user’s browser in the context of that user’s session with the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hitachi Energy | Asset Suite | 9.6.4.4 | affected |
| Hitachi Energy | Asset Suite | 9.6.4.5 | unaffected |
Weaknesses
- CWE-184: CWE-184
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.