CVE-2025-1484
CVE-2025-1484
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
30 may 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability exists in the media upload component of the Asset
Suite versions listed below. If successfully exploited an attacker
could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will
cause JavaScript code supplied by the attacker to execute within
the user’s browser in the context of that user’s session with the
application.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N
Productos afectados
Hitachi Energy · Asset Suite¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →