CVE-2024-48845
published 2024-12-05CVE-2024-48845: Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized…
critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVALSCLSILSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| abb | aspect-ent-12_firmware | <= 3.07.02 | — |
| abb | aspect-ent-256_firmware | < 3.08.03 | 3.08.03 |
| abb | aspect-ent-2_firmware | < 3.08.03 | 3.08.03 |
| abb | aspect-ent-96_firmware | < 3.08.03 | 3.08.03 |
| abb | aspect-enterprise | <= 3.07.02 | — |
| abb | matrix-11_firmware | <= 3.07.02 | — |
| abb | matrix-216_firmware | <= 3.07.02 | — |
| abb | matrix-232_firmware | <= 3.07.02 | — |
| abb | matrix-264_firmware | <= 3.07.02 | — |
| abb | matrix-296_firmware | <= 3.07.02 | — |
| abb | matrix_series | <= 3.07.02 | — |
| abb | nexus-2128-a_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-2128-f_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-2128-g_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-2128_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-264-a_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-264-f_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-264-g_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-264_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-3-2128_firmware | < 3.08.03 | 3.08.03 |
| abb | nexus-3-264_firmware | <= 3.07.02 | — |
| abb | nexus_series | <= 3.07.02 | — |