{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-1484","assignerOrgId":"e383dce4-0c27-4495-91c4-0db157728d17","state":"PUBLISHED","assignerShortName":"Hitachi Energy","dateReserved":"2025-02-19T21:19:18.947Z","datePublished":"2025-05-30T12:26:42.536Z","dateUpdated":"2025-05-30T13:22:41.411Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Asset Suite","vendor":"Hitachi Energy","versions":[{"status":"affected","version":"9.6.4.4"},{"status":"unaffected","version":"9.6.4.5"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A vulnerability exists in the media upload component of the Asset \nSuite versions listed below. If successfully exploited an attacker \ncould impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will \ncause JavaScript code supplied by the attacker to execute within \nthe user’s browser in the context of that user’s session with the \napplication."}],"value":"A vulnerability exists in the media upload component of the Asset \nSuite versions listed below. If successfully exploited an attacker \ncould impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will \ncause JavaScript code supplied by the attacker to execute within \nthe user’s browser in the context of that user’s session with the \napplication."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":6.3,"baseSeverity":"MEDIUM","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-184","description":"CWE-184","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"e383dce4-0c27-4495-91c4-0db157728d17","shortName":"Hitachi Energy","dateUpdated":"2025-05-30T12:26:42.536Z"},"references":[{"url":"https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-30T13:22:35.804566Z","id":"CVE-2025-1484","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-30T13:22:41.411Z"}}]}}