ABB Cylon Aspect 3.08.00 Off-By-One

ABB Cylon Aspect 3.08.00 logMix/YumLookup.php Off-by-One Error in Log Parsing Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vulnerability

ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script is not properly verified before being used to download log files. This can be exploited to disclose the contents o...

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure

ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.02 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.02 (logYumLookup.php) Authenticated File Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an authenticated arbitrar...