CVE-2024-13955
published 2025-05-22CVE-2024-13955: 2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become…
critical9.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCHSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| abb | aspect-enterprise | <= 3.* | — |
| abb | matrix_series | <= 3.* | — |
| abb | nexus_series | <= 3.* | — |