ABB Matrix Series vulnerabilities

59 known vulnerabilities affecting abb/matrix_series.

Total CVEs: 59
CISA KEV: 0
Public exploits: 13
Exploited in wild: 0
Severity breakdown: CRITICAL 15, HIGH 33, MEDIUM 11

Vulnerabilities

Page 3 of 3
CVE-2024-48845 | CRITICAL | CVSS 9.3 | PoC | ≤ 3.07.02 | 2024-12-05
CWE-521: Weak Password Reset Rules vulnerabilities were found providing a potential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02
Sources: cvelistv5, nvd
CVE-2024-48840 | CRITICAL | CVSS 9.3 | PoC | ≤ 3.08.02 | 2024-12-05
CWE-94: Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-11316 | HIGH | CVSS 8.7 | ≤ 3.08.02 | 2024-12-05
CWE-770: Filesize Check vulnerabilities allow a malicious user to bypass size limits or overload the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51544 | HIGH | CVSS 8.8 | ≤ 3.08.02 | 2024-12-05
CWE-15: Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-48843 | HIGH | CVSS 7.6 | ≤ 3.08.02 | 2024-12-05
CWE-770: Denial of Service vulnerabilities were found providing a potential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51546 | HIGH | CVSS 8.7 | PoC | ≤ 3.08.02 | 2024-12-05
CWE-1287: Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51554 | HIGH | CVSS 8.8 | ≤ 3.08.02 | 2024-12-05
CWE-193: Default Credential vulnerabilities in ASPECT on Linux allow access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51541 | HIGH | CVSS 8.8 | ≤ 3.08.02 | 2024-12-05
CWE-98: Local File Inclusion vulnerabilities allow access to sensitive system information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-6784 | HIGH | CVSS 8.7 | ≤ 3.08.02 | 2024-12-05
CWE-918: Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-48844 | HIGH | CVSS 7.2 | PoC | ≤ 3.08.02 | 2024-12-05
CWE-770: Denial of Service vulnerabilities were found providing a potential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51542 | HIGH | CVSS 8.8 | ≤ 3.08.02 | 2024-12-05
CWE-552: Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51543 | HIGH | CVSS 8.8 | ≤ 3.08.02 | 2024-12-05
CWE-15: Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-48846 | HIGH | CVSS 7.1 | PoC | ≤ 3.08.02 | 2024-12-05
CWE-352: Cross Site Request Forgery vulnerabilities were found providing a potential for exposing sensitive information or changing system settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-48847 | HIGH | CVSS 8.8 | ≤ 3.08.01 | 2024-12-05
CWE-328: MD5 Checksum Bypass vulnerabilities were found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes. Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01
Sources: cvelistv5, nvd
CVE-2024-6515 | HIGH | CVSS 8.7 | ≥ initial, ≤ 3.08.02 | 2024-12-05
CWE-319: Web browser interface may manipulate application username/password in clear text or Base64 encoding, providing a higher probability of unintended credentials exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-51548 | HIGH | CVSS 8.7 | ≤ 3.08.02 | 2024-12-05
CWE-434: Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Sources: cvelistv5, nvd
CVE-2024-6298 | CRITICAL | CVSS 9.4 | PoC | ≤ 3.08.01 | 2024-07-05
CWE-1287: Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 allows an attacker to execute arbitrary code remotely.
Sources: cvelistv5, nvd
CVE-2024-6209 | CRITICAL | CVSS 9.4 | PoC | ≤ 3.08.01 | 2024-07-05
CWE-552: Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 allows an attacker to access files without authorization.
Sources: cvelistv5, nvd
CVE-2024-4007 | HIGH | CVSS 8.7 | PoC | v3.07 | 2024-07-01
CWE-1392: Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows an attacker to log in to wrongly configured product instances.
Sources: cvelistv5, nvd