CISA

Hitachi Energy PROMOD V

From Cybersecurity and Infrastructure Security Agency ↗

Hitachi Energy is aware of insecure HTTP transmission vulnerability in PROMOD V product versions listed in this document. This vulnerability could allow attackers to intercept or manipulate sensitive data in transit, potentially leading to credential theft, session hijacking, or unauthorized access.

The following versions of Hitachi Energy PROMOD V are affected:

PROMOD V vers:PROMOD_V/Running PROMOD V->Digipede Grid. Alternatively, refer to the same section in the online help contained in the application.

MitigationApply general mitigation factors

Relevant CWE: CWE-1428 Reliance on HTTP instead of HTTPS

Metrics

Base Score

Base Severity

Vector String

3.1

7.1

HIGH

4.0

7

HIGH

Acknowledgments

Hitachi Energy Internal Team

Notice

The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energ...