Promod V
Monthly
Cleartext-transmission exposure in Hitachi Energy PROMOD V allows a network man-in-the-middle to intercept or read sensitive data because the application relies on unencrypted HTTP rather than HTTPS when communicating with a third-party Digipede grid-computing server. The flaw (CWE-1428, reliance on an insecure communications channel) carries a CVSS 4.0 base score of 7.0 and is rated high confidentiality impact with limited integrity impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Cleartext-transmission exposure in Hitachi Energy PROMOD V allows a network man-in-the-middle to intercept or read sensitive data because the application relies on unencrypted HTTP rather than HTTPS when communicating with a third-party Digipede grid-computing server. The flaw (CWE-1428, reliance on an insecure communications channel) carries a CVSS 4.0 base score of 7.0 and is rated high confidentiality impact with limited integrity impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.