85 matches found
CVE-2024-13956
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13951
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13949
Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13950
Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser scripts if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13958 Stored Cross Site Scripting
Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13958 Stored Cross Site Scripting
Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13957
CVE-2024-13957 describes SSRF vulnerabilities in ABB ASPECT, with ASPECT-Enterprise, NEXUS Series, and MATRIX Series affected up to version 3.x. Root cause: server-side requests can be manipulated if administrator credentials are compromised, enabling an attacker to induce outbound requests to in...
CVE-2024-13957 SSRF Server Side Request Forgery
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13956
The CVE-2024-13956 entry affects ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all reported as vulnerable through version 3.*. The underlying issue is an SSL verification bypass that can occur if administrator credentials are compromised, enabling elevated risk to confidential...
CVE-2024-13956 SSL Verification Bypass
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13955 SQL Injection 2nd Order
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13955 SQL Injection 2nd Order
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13952 Remote Code Execution
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13952
The CVE-2024-13952 issue is a predictable filename vulnerability affecting ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all through version 3.. According to connected sources, the vulnerability stems from credential disclosure enabling a filename prediction attack that could ...
CVE-2024-51553 Predictable Filename
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-51553
The CVE-2024-51553 entry describes a predictable filename vulnerability affecting ABB products: ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*). The underlying issue is predictable file names that can lead to disclosure of sensitive information if admin...
CVE-2024-51553 Predictable Filename
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13950 Log Injection
Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser scripts if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13950
The CVE-2024-13950 entry concerns a log injection vulnerability in ABB ASPECT family products. Affected are ASPECT-Enterprise up to version 3.x, NEXUS Series up to 3.x, and MATRIX Series up to 3.x. The underlying issue enables an attacker who has gained administrator credentials to inject malicio...
CVE-2024-13949
ABB ASPECT-Enterprise, NEXUS Series, and MATRIX Series are affected by CVE-2024-13949, described as a large content vulnerability that can cause disk overutilization if administrator credentials are compromised. Affected families are ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and...