Hitachi Energy is aware of insecure HTTP transmission vulnerability in PROMOD V product versions listed in this document. This vulnerability could allow attackers to intercept or manipulate sensitive data in transit, potentially leading to credential theft, session hijacking, or unauthorized access.
The following versions of Hitachi Energy PROMOD V are affected:
PROMOD V vers:PROMOD_V/Running PROMOD V->Digipede Grid. Alternatively, refer to the same section in the online help contained in the application.
MitigationApply general mitigation factors
Relevant CWE: CWE-1428 Reliance on HTTP instead of HTTPS
Metrics
Base Score
Base Severity
Vector String
3.1
7.1
HIGH
4.0
7
HIGH
Acknowledgments
Hitachi Energy Internal Team
Notice
The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energ...