860 matches found
CVE-2024-13956
The CVE-2024-13956 entry affects ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all reported as vulnerable through version 3.*. The underlying issue is an SSL verification bypass that can occur if administrator credentials are compromised, enabling elevated risk to confidential...
CVE-2024-13956 SSL Verification Bypass
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13955
CVE-2024-13955 describes 2nd Order SQL injection across ABB ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*). Root cause involves credential disclosure enabling a second‑order SQL injection that can view, add, modify, or delete information in back‑end da...
CVE-2024-13955 SQL Injection 2nd Order
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13955 SQL Injection 2nd Order
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13954 Serialization / Deserialization of configuration data
Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13954 Serialization / Deserialization of configuration data
Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13954
CVE-2024-13954 describes an information disclosure in ABB ASPECT products where serialized configuration data can be exposed during device commissioning via the ASPECT configuration toolset. Affected: ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), MATRIX Series (through 3.*). Root ca...
CVE-2024-13953 Sensitive Information disclosed in log files
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13953
CVE-2024-13953 affects ABB ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*). The issue is an information disclosure where sensitive device logger data can be exposed if administrator credentials are compromised, due to a credential disclosure root cause....
CVE-2024-13953 Sensitive Information disclosed in log files
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13952 Remote Code Execution
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13952 Remote Code Execution
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13952
The CVE-2024-13952 issue is a predictable filename vulnerability affecting ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all through version 3.. According to connected sources, the vulnerability stems from credential disclosure enabling a filename prediction attack that could ...
CVE-2024-51553 Predictable Filename
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-51553
The CVE-2024-51553 entry describes a predictable filename vulnerability affecting ABB products: ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*). The underlying issue is predictable file names that can lead to disclosure of sensitive information if admin...
CVE-2024-51553 Predictable Filename
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13951
CVE-2024-13951 describes an information disclosure in ABB ASPECT-Enterprise (through 3.), NEXUS Series (through 3. ), and MATRIX Series (through 3.*) caused by a one-way hash function using a predictable salt. The root cause is predictable salts in hashing, enabling potential attackers to glean s...
CVE-2024-13951 One way hash with predictable salt
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13951 One way hash with predictable salt
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...