23 matches found
CVE-2024-51545
Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48843
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48839
Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51546
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51550
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-11316
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48840
Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48845
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02;NEXUS Series v3.07.02;MATRIX Series v3.07.02
CVE-2024-48847
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes. Affected products: ABB ASPECT - Enterprise v3.08.01;NEXUS Series v3.08.01;MATRIX Series v3.08.01
CVE-2024-51543
Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51544
Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51549
Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51551
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02;NEXUS Series v3.07.02;MATRIX Series v3.07.02
CVE-2024-6516
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51541
Local File Inclusion vulnerabilities allow access to sensitive system information. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-11317
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48844
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-6784
Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-48846
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51548
Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-6515
Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51542
Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02
CVE-2024-51554
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02;NEXUS Series v3.08.02;MATRIX Series v3.08.02