Vulnerabilities > Hitachienergy > Ellipse Enterprise Asset Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2021-27414 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hitachienergy Ellipse Enterprise Asset Management An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials. | 6.1 |
| 2022-03-11 | CVE-2021-27416 | Cross-site Scripting vulnerability in Hitachienergy Ellipse Enterprise Asset Management An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. | 5.4 |