Vulnerability in Hitachi Energy Trmtracker
CVE-2025-27632
A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing the site content through web-cache poisonin…
EPSS: 0.002 (47.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.
Affected products
- Hitachi Energy Trmtracker — versions 6.2, 6.3
Weakness classification (CWE)
References
- publisher.hitachienergy.com/preview (vendor-advisory)
Frequently asked questions
- What is CVE-2025-27632?
- CVE-2025-27632 is a medium-severity vulnerability in Hitachi Energy Trmtracker, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 6.1/10. Published 2025-03-25.
- How severe is CVE-2025-27632?
- Medium severity. CVSS v3 base score is 6.1 out of 10.