CVE-2025-2500 | THREATINT

Description

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.

PUBLISHED Reserved 2025-03-18 | Published 2025-05-30 | Updated 2025-05-30 | Assigner Hitachi Energy

CRITICAL: 9.1CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

HIGH: 7.4CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-256

Product status

Default status

unaffected

9.6.4.4

affected

9.7

affected

References

publisher.hitachienergy.com/...DocumentPartId=&Action=Launch

cve.org (CVE-2025-2500)

nvd.nist.gov (CVE-2025-2500)

Download JSON