VDB
CVE-2025-1484
CVE-2025-1484
PUBLISHED
CVSS 6.300000190734863 MEDIUM
A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully exploited an attacker could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will cause JavaScript code supplied by the attacker to execute within the user’s browser in the context of that user’s session with the application.
EPSS 0.17% · 37.6th percentile
Risk Scores
CVSS 4.0
6.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N
EPSS Score
0.17%
37.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi Energy | Asset Suite | 9.6.4.4, 9.6.4.5 |
Exploit Intelligence
- CIRCL seen: CVE-2025-1484 (circl-sighting)
- CIRCL seen: CVE-2025-1484 (circl-sighting)
- https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
Timeline
- Feb 19, 2025 CVE ID Reserved
- May 30, 2025 Coalition ESS Score
- May 30, 2025 CVE Published
- May 30, 2025 PoC Published
- May 30, 2025 CVE Updated
- May 31, 2025 EPSS Score
- Jun 11, 2025 EPSS Score
- Jun 22, 2025 EPSS Score
- Jul 2, 2025 EPSS Score
- Jul 13, 2025 EPSS Score
- Jul 15, 2025 PoC Published
- Jul 24, 2025 EPSS Score