Vulnerabilities > ABB > Aspect ENT 2 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-05 CVE-2024-11316 Allocation of Resources Without Limits or Throttling vulnerability in ABB products
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-770
7.5
7.5
2024-12-05 CVE-2024-48843 SQL Injection vulnerability in ABB products
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-89
7.5
7.5
2024-12-05 CVE-2024-48846 Unspecified vulnerability in ABB products
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.3
7.3
2024-12-05 CVE-2024-51541 Unspecified vulnerability in ABB products
Local File Inclusion vulnerabilities allow access to sensitive system information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.5
7.5
2024-12-05 CVE-2024-51542 Files or Directories Accessible to External Parties vulnerability in ABB products
Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-552
8.2
8.2
2024-12-05 CVE-2024-51543 Unspecified vulnerability in ABB products
Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.5
7.5
2024-12-05 CVE-2024-51544 External Control of System or Configuration Setting vulnerability in ABB products
Service Control vulnerabilities allow access to service restart requests and vm configuration settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-15
8.2
8.2
2024-12-05 CVE-2024-51546 Improper Validation of Specified Type of Input vulnerability in ABB products
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-1287
7.5
7.5
2024-12-05 CVE-2024-51548 Unspecified vulnerability in ABB products
Dangerous File Upload vulnerabilities allow upload of malicious scripts.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
8.8
8.8
2024-12-05 CVE-2024-6515 Unspecified vulnerability in ABB products
Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
8.1
8.1