CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

NVD•added 2024/12/05 1:15 p.m.•17 views

CVE-2024-6516

Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.3CVSS0.03552EPSS

Exploits7References1

NVD•added 2024/12/05 1:15 p.m.•15 views

CVE-2024-51549

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.00297EPSS

Exploits0References1

NVD•added 2024/12/05 1:15 p.m.•13 views

CVE-2024-51541

Local File Inclusion vulnerabilities allow access to sensitive system information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.8CVSS0.00289EPSS

Exploits0References1

NVD•added 2024/12/05 1:15 p.m.•17 views

CVE-2024-51542

Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.8CVSS0.00303EPSS

Exploits0References1

NVD•added 2024/12/05 1:15 p.m.•13 views

CVE-2024-48844

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

7.7CVSS0.08272EPSS

Exploits3References1

NVD•added 2024/12/05 1:15 p.m.•13 views

CVE-2024-11316

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS0.00132EPSS

Exploits0References1

Vulnrichment•added 2024/12/05 12:52 p.m.•14 views

CVE-2024-51548 Dangerous File Upload

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.9CVSS7.2AI score0.00384EPSS

Exploits0References1

Vulnrichment•added 2024/12/05 12:51 p.m.•11 views

CVE-2024-51546 Credentails Disclosure

Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.7CVSS7.1AI score0.17074EPSS

Exploits3References1

Vulnrichment•added 2024/12/05 12:49 p.m.•15 views

CVE-2024-51545 Username Enumeration

Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS7.1AI score0.00424EPSS

Exploits0References1

Vulnrichment•added 2024/12/05 12:48 p.m.•16 views

CVE-2024-51544 Service Control

Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.8CVSS7.1AI score0.0473EPSS

Exploits1References1

Cvelist•added 2024/12/05 12:45 p.m.•16 views

CVE-2024-51542 Configuration Download

Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

8.8CVSS0.00303EPSS

Exploits0References1

Cvelist•added 2024/12/05 12:41 p.m.•18 views

CVE-2024-48844 Denial of Service, DoS

7.7CVSS0.08272EPSS

Exploits3References1

Cvelist•added 2024/12/05 12:40 p.m.•14 views

CVE-2024-48843 Denial of Service, DoS

7.7CVSS0.00967EPSS

Exploits2References1

CVE•added 2024/12/05 12:36 p.m.•65 views

CVE-2024-11317

CVE-2024-11317 affects ABB ASPECT family (Enterprise, NEXUS Series, MATRIX Series) with firmware up to 3.08.02. The vulnerability is a PHP Session Fixation issue that can allow an attacker to fix a user’s session ID before login, potentially enabling session takeover; in ABB/BMS contexts this may...

10CVSS9.6AI score0.00334EPSS

Exploits4References1Affected Software1

Cvelist•added 2024/12/05 12:25 p.m.•21 views

CVE-2024-6784 SSRF Server Side Request Forgery

Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.9CVSS0.00358EPSS

Exploits1References1

CVE•added 2024/12/05 12:25 p.m.•70 views

CVE-2024-6784

CVE-2024-6784 is an SSRF vulnerability impacting ABB ASPECT family components. Affected: ABB ASPECT – Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02. Root cause: server-side request forgery enabling access to unauthorized resources and potential information disclosure. Documen...

9.9CVSS9.7AI score0.00358EPSS

Exploits1References1Affected Software1

CVE•added 2024/12/05 12:24 p.m.•68 views

CVE-2024-6516

CVE-2024-6516 corresponds to authenticated cross-site scripting vulnerabilities in ABB Cylon Aspect platform components. Connected sources confirm affected products and versions: ABB ASPECT – Enterprise 3.08.02; NEXUS Series 3.08.02; MATRIX Series 3.08.02. Technical details across exploits indica...

9.3CVSS9AI score0.03552EPSS

Exploits7References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by