Lucene search
+L

219 matches found

osv
osv
added 2024/12/05 1:15 p.m.4 views

CVE-2024-11316

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.5CVSS5.8AI score0.00591EPSS
Exploits0References1
cve
cve
added 2024/12/05 12:59 p.m.69 views

CVE-2024-51555

Summary: CVE-2024-51555 concerns default credential vulnerabilities in ABB ASPECT and related series. Publicly available default credentials allow access to ABB ASPECT devices due to design that does not require changing defaults (affected: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02;...

10CVSS9.6AI score0.00409EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/05 12:59 p.m.13 views

CVE-2024-51555 Force Change of Default Credentials

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...

10CVSS7.1AI score0.00409EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/05 12:59 p.m.20 views

CVE-2024-51555 Force Change of Default Credentials

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...

10CVSS0.00409EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/05 12:58 p.m.14 views

CVE-2024-51554 off-by-one-error

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.1CVSS7.1AI score0.00394EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/05 12:58 p.m.35 views

CVE-2024-51554 off-by-one-error

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.1CVSS0.00394EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/05 12:56 p.m.14 views

CVE-2024-51550 Data Validation / Sanitization

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7AI score0.01825EPSS
Exploits4References1
cve
cve
added 2024/12/05 12:56 p.m.95 views

CVE-2024-51550

CVE-2024-51550 affects ABB ASPECT, NEXUS Series, and MATRIX Series (firmware up to 3.08.02). The vulnerability arises from Data Validation / Data Sanitization issues in Linux, allowing unvalidated data injection into an Aspect device. Connected sources document a Remote Code Execution path: an au...

10CVSS9.5AI score0.01825EPSS
Exploits4References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:56 p.m.35 views

CVE-2024-51550 Data Validation / Sanitization

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.01825EPSS
Exploits4References1
vulnrichment
vulnrichment
added 2024/12/05 12:54 p.m.18 views

CVE-2024-51549 Absolute Path Traversal

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.2AI score0.00543EPSS
Exploits0References1
cve
cve
added 2024/12/05 12:54 p.m.82 views

CVE-2024-51549

CVE-2024-51549 concerns an Absolute File Traversal in ABB ASPECT, NEXUS Series, and MATRIX Series (up to version 3.08.02). Connected sources describe an issue where directory path name handling allowed access to unintended resources, with potential for unauthorized file access and modification. A...

10CVSS9.7AI score0.00543EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:54 p.m.78 views

CVE-2024-51549 Absolute Path Traversal

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.00543EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/05 12:52 p.m.18 views

CVE-2024-51548 Dangerous File Upload

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.9CVSS7.2AI score0.00592EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/05 12:52 p.m.30 views

CVE-2024-51548 Dangerous File Upload

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.9CVSS0.00592EPSS
Exploits0References1
cve
cve
added 2024/12/05 12:52 p.m.74 views

CVE-2024-51548

CVE-2024-51548 is an active vulnerability affecting ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02, caused by dangerous file upload that can allow uploading of malicious scripts. Multiple connected sources confirm the issue and list affected products and versi...

9.9CVSS9.7AI score0.00592EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/12/05 12:51 p.m.12 views

CVE-2024-51546 Credentails Disclosure

Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS7.1AI score0.01497EPSS
Exploits3References1
cvelist
cvelist
added 2024/12/05 12:51 p.m.27 views

CVE-2024-51546 Credentails Disclosure

Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS0.01497EPSS
Exploits3References1
cve
cve
added 2024/12/05 12:51 p.m.92 views

CVE-2024-51546

CVE-2024-51546 affects ABB ASPECT Enterprise v3.08.02, NEXUS Series v3.08.02 and MATRIX Series v3.08.02, with credentials disclosure enabling access to on-board project backup bundles. Connected sources (including Exploit DB, Red Hat/US-CISA advisories and NC SC) describe this as a cookie/credent...

8.7CVSS7.7AI score0.01497EPSS
Exploits3References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:49 p.m.28 views

CVE-2024-51545 Username Enumeration

Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.00416EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/05 12:49 p.m.19 views

CVE-2024-51545 Username Enumeration

Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.1AI score0.00416EPSS
Exploits0References1
Rows per page
Query Builder