CVE-2025-10217

A vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject crafted data in logfile for potentially carrying out further malicious attacks. Performance logging is typically enabled for troubleshooting purposes while resolving application performance related issues.

CVSS

No CVSS.

References

Link	Resource
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000226&LanguageCode=en&DocumentPartId=&Action=Launch

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad existe en Asset Suite para que un usuario autenticado manipule el contenido de los datos de registro de rendimiento o inyecte datos manipulados en el archivo de registro para potencialmente llevar a cabo más ataques maliciosos. El registro de rendimiento se habilita típicamente para fines de resolución de problemas mientras se resuelven problemas de rendimiento de la aplicación.

30 Sep 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-09-30 13:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-10217

Mitre link : CVE-2025-10217

CVE.ORG link : CVE-2025-10217

JSON object : View

Products Affected

No product.

CWE

CWE-117

Improper Output Neutralization for Logs

{"id": "CVE-2025-10217", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-09-30T13:15:48.370", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000226&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@hitachienergy.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "description": [{"lang": "en", "value": "CWE-117"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject crafted data in logfile for potentially carrying out further malicious attacks. Performance logging is typically enabled for troubleshooting purposes while resolving application performance related issues."}, {"lang": "es", "value": "Una vulnerabilidad existe en Asset Suite para que un usuario autenticado manipule el contenido de los datos de registro de rendimiento o inyecte datos manipulados en el archivo de registro para potencialmente llevar a cabo m\u00e1s ataques maliciosos. El registro de rendimiento se habilita t\u00edpicamente para fines de resoluci\u00f3n de problemas mientras se resuelven problemas de rendimiento de la aplicaci\u00f3n."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "cybersecurity@hitachienergy.com"}