219 matches found
CVE-2024-48845 Weak Password Rules/Strength
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...
CVE-2024-48844 Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48844
CVE-2024-48844 is a Denial of Service vulnerability affecting ABB ASPECT – Enterprise 3.08.02, NEXUS Series 3.08.02, and MATRIX Series 3.08.02. Connected sources describe an off-by-one error in a PHP script (escDevicesUpdate.php) that can cause undefined behavior and crash the service, leading to...
CVE-2024-48844 Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48843 Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48843
CVE-2024-48843 affects ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02. The connected sources consistently describe a Denial of Service vulnerability that can lead to device service disruptions. The root cause details are not explicitly enumerated beyond the Do...
CVE-2024-48843 Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48840 Unauthorized Access
Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48840
ABB CVE-2024-48840 affects ABB ASPECT - Enterprise v3.08.02, NEXUS Series v3.08.02 and MATRIX Series v3.08.02. The vulnerability is described as Unauthorized Access vulnerabilities that allow Remote Code Execution. Exploit-DB documents an unauthenticated command execution path via deployStart.php...
CVE-2024-48840 Unauthorized Access
Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48839 Remote Code Execution, RCE
Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-48839
Summary (CVE-2024-48839) : The ABB Cylon Aspect family (ASPECT-Enterprise v3.08.02, NEXUS v3.08.02, MATRIX v3.08.02) contains an improper input validation flaw that enables Remote Code Execution. Exploitation details in connected sources show authenticated command injection via endpoints like bbm...
CVE-2024-48839 Remote Code Execution, RCE
Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-11317
CVE-2024-11317 affects ABB ASPECT family (Enterprise, NEXUS Series, MATRIX Series) with firmware up to 3.08.02. The vulnerability is a PHP Session Fixation issue that can allow an attacker to fix a user’s session ID before login, potentially enabling session takeover; in ABB/BMS contexts this may...
CVE-2024-11317 PHP Session Fixation
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-11317 PHP Session Fixation
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-11316 Filesize Check
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-11316
The CVE-2024-11316 issue affects ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02. Connected sources describe a Filesize Check vulnerability where improper handling allows a malicious user to bypass size limits and overload the product via remote exploitation. P...
CVE-2024-11316 Filesize Check
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-6784
CVE-2024-6784 is an SSRF vulnerability impacting ABB ASPECT family components. Affected: ABB ASPECT – Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02. Root cause: server-side request forgery enabling access to unauthorized resources and potential information disclosure. Documen...