Lucene search
+L

219 matches found

cvelist
cvelist
added 2024/12/05 12:42 p.m.22 views

CVE-2024-48845 Weak Password Rules/Strength

Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...

9.4CVSS0.01834EPSS
Exploits3References1
vulnrichment
vulnrichment
added 2024/12/05 12:41 p.m.15 views

CVE-2024-48844 Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.7CVSS7.2AI score0.00874EPSS
Exploits3References1
cve
cve
added 2024/12/05 12:41 p.m.78 views

CVE-2024-48844

CVE-2024-48844 is a Denial of Service vulnerability affecting ABB ASPECT – Enterprise 3.08.02, NEXUS Series 3.08.02, and MATRIX Series 3.08.02. Connected sources describe an off-by-one error in a PHP script (escDevicesUpdate.php) that can cause undefined behavior and crash the service, leading to...

7.7CVSS7.7AI score0.00874EPSS
Exploits3References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:41 p.m.23 views

CVE-2024-48844 Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.7CVSS0.00874EPSS
Exploits3References1
vulnrichment
vulnrichment
added 2024/12/05 12:40 p.m.14 views

CVE-2024-48843 Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.7CVSS7.2AI score0.00274EPSS
Exploits2References1
cve
cve
added 2024/12/05 12:40 p.m.858 views

CVE-2024-48843

CVE-2024-48843 affects ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02. The connected sources consistently describe a Denial of Service vulnerability that can lead to device service disruptions. The root cause details are not explicitly enumerated beyond the Do...

7.7CVSS7.7AI score0.00274EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:40 p.m.20 views

CVE-2024-48843 Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.7CVSS0.00274EPSS
Exploits2References1
vulnrichment
vulnrichment
added 2024/12/05 12:38 p.m.15 views

CVE-2024-48840 Unauthorized Access

Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.6AI score0.02073EPSS
Exploits4References1
cve
cve
added 2024/12/05 12:38 p.m.93 views

CVE-2024-48840

ABB CVE-2024-48840 affects ABB ASPECT - Enterprise v3.08.02, NEXUS Series v3.08.02 and MATRIX Series v3.08.02. The vulnerability is described as Unauthorized Access vulnerabilities that allow Remote Code Execution. Exploit-DB documents an unauthenticated command execution path via deployStart.php...

10CVSS9.9AI score0.02073EPSS
Exploits4References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:38 p.m.26 views

CVE-2024-48840 Unauthorized Access

Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.02073EPSS
Exploits4References1
vulnrichment
vulnrichment
added 2024/12/05 12:37 p.m.16 views

CVE-2024-48839 Remote Code Execution, RCE

Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.3AI score0.02846EPSS
Exploits10References1
cve
cve
added 2024/12/05 12:37 p.m.229 views

CVE-2024-48839

Summary (CVE-2024-48839) : The ABB Cylon Aspect family (ASPECT-Enterprise v3.08.02, NEXUS v3.08.02, MATRIX v3.08.02) contains an improper input validation flaw that enables Remote Code Execution. Exploitation details in connected sources show authenticated command injection via endpoints like bbm...

10CVSS9.7AI score0.02846EPSS
Exploits10References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:37 p.m.20 views

CVE-2024-48839 Remote Code Execution, RCE

Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.02846EPSS
Exploits10References1
cve
cve
added 2024/12/05 12:36 p.m.72 views

CVE-2024-11317

CVE-2024-11317 affects ABB ASPECT family (Enterprise, NEXUS Series, MATRIX Series) with firmware up to 3.08.02. The vulnerability is a PHP Session Fixation issue that can allow an attacker to fix a user’s session ID before login, potentially enabling session takeover; in ABB/BMS contexts this may...

10CVSS9.6AI score0.00436EPSS
Exploits4References1Affected Software1
vulnrichment
vulnrichment
added 2024/12/05 12:36 p.m.16 views

CVE-2024-11317 PHP Session Fixation

Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.1AI score0.00436EPSS
Exploits4References1
cvelist
cvelist
added 2024/12/05 12:36 p.m.25 views

CVE-2024-11317 PHP Session Fixation

Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.00436EPSS
Exploits4References1
vulnrichment
vulnrichment
added 2024/12/05 12:27 p.m.15 views

CVE-2024-11316 Filesize Check

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS7.1AI score0.00591EPSS
Exploits0References1
cve
cve
added 2024/12/05 12:27 p.m.83 views

CVE-2024-11316

The CVE-2024-11316 issue affects ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02. Connected sources describe a Filesize Check vulnerability where improper handling allows a malicious user to bypass size limits and overload the product via remote exploitation. P...

8.7CVSS7.7AI score0.00591EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/12/05 12:27 p.m.28 views

CVE-2024-11316 Filesize Check

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS0.00591EPSS
Exploits0References1
cve
cve
added 2024/12/05 12:25 p.m.90 views

CVE-2024-6784

CVE-2024-6784 is an SSRF vulnerability impacting ABB ASPECT family components. Affected: ABB ASPECT – Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02. Root cause: server-side request forgery enabling access to unauthorized resources and potential information disclosure. Documen...

9.9CVSS9.7AI score0.00501EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder