Lucene search
K

860 matches found

NVD
NVD
added 2025/05/22 7:15 p.m.10 views

CVE-2024-13955

2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

9.4CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.7 views

CVE-2024-13954

Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.5CVSS0.00185EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.7 views

CVE-2024-13956

SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

8.8CVSS0.00363EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.8 views

CVE-2024-13952

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

8.7CVSS0.0035EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.11 views

CVE-2024-13948

Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.3CVSS0.00132EPSS
Exploits2References1
NVD
NVD
added 2025/05/22 7:15 p.m.5 views

CVE-2024-13951

One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.6CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.11 views

CVE-2024-13946

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS0.00977EPSS
Exploits3References1
NVD
NVD
added 2025/05/22 7:15 p.m.6 views

CVE-2024-13949

Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.9CVSS0.00316EPSS
Exploits2References1
NVD
NVD
added 2025/05/22 7:15 p.m.7 views

CVE-2024-13947

Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.9 views

CVE-2024-13950

Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser scripts if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.9CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:38 p.m.3 views

CVE-2024-51552 Weak Password Storage

Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS6.4AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 6:38 p.m.13 views

CVE-2024-51552 Weak Password Storage

Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2025/05/22 6:38 p.m.47 views

CVE-2024-51552

PT-2025-22547 confirms a weak password storage vulnerability affecting ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series up to version 3.*. Root cause: weak password storage leading to credential disclosure. Remediation: update to a version that addresses the weak password storage ...

7.1CVSS6.3AI score0.00258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:36 p.m.4 views

CVE-2024-13958 Stored Cross Site Scripting

Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

4.8CVSS5.2AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/05/22 6:36 p.m.45 views

CVE-2024-13958

CVE-2024-13958 describes a Stored Cross-Site Scripting vulnerability affecting ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all affected through version 3.. The root cause is a cross-site scripting flaw that can be triggered when administrator credentials are compromised, wit...

4.8CVSS5.2AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 6:36 p.m.13 views

CVE-2024-13958 Stored Cross Site Scripting

Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

4.8CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:35 p.m.5 views

CVE-2024-13957 SSRF Server Side Request Forgery

SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.6CVSS7.8AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2025/05/22 6:35 p.m.44 views

CVE-2024-13957

CVE-2024-13957 describes SSRF vulnerabilities in ABB ASPECT, with ASPECT-Enterprise, NEXUS Series, and MATRIX Series affected up to version 3.x. Root cause: server-side requests can be manipulated if administrator credentials are compromised, enabling an attacker to induce outbound requests to in...

7.6CVSS7.8AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 6:35 p.m.16 views

CVE-2024-13957 SSRF Server Side Request Forgery

SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.6CVSS0.00241EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:33 p.m.7 views

CVE-2024-13956 SSL Verification Bypass

SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

8.8CVSS6.8AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder