4 matches found
ABB Cylon Aspect 3.08.02 Cookie User Password Disclosure Vulnerability
ABB Cylon Aspect version 3.08.02 suffers from cleartext transmission and storage of sensitive information in a Cookie. This includes the globals parameter, where authdata contains base64-encoded credentials. A remote attacker can intercept the HTTP Cookie, including authentication credentials,...
CVE-2024-51546
creationtimestamp| type| source ---|---|--- 2024-12-05 13:37:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113600487651084599 2024-12-05 15:21:26+00:00| seen| https://t.me/cvedetector/12088 2025-01-07 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-...
CVE-2024-51546
CVE-2024-51546 affects ABB ASPECT Enterprise v3.08.02, NEXUS Series v3.08.02 and MATRIX Series v3.08.02, with credentials disclosure enabling access to on-board project backup bundles. Connected sources (including Exploit DB, Red Hat/US-CISA advisories and NC SC) describe this as a cookie/credent...
CVE-2024-51546 Credentails Disclosure
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...