Vulnerabilities > ABB > Nexus 264 G Firmware > 3.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-06 | CVE-2024-51547 | Cleartext Storage of Sensitive Information vulnerability in ABB products Credentials/keys may be disclosed in ASPECT exposing sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 9.8 |
| 2024-12-05 | CVE-2024-11316 | Allocation of Resources Without Limits or Throttling vulnerability in ABB products Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.5 |
| 2024-12-05 | CVE-2024-11317 | Session Fixation vulnerability in ABB products Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 10.0 |
| 2024-12-05 | CVE-2024-48840 | Unspecified vulnerability in ABB products Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-48843 | SQL Injection vulnerability in ABB products Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.5 |
| 2024-12-05 | CVE-2024-48844 | Unspecified vulnerability in ABB products Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 6.5 |
| 2024-12-05 | CVE-2024-48845 | Unspecified vulnerability in ABB products Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | 9.8 |
| 2024-12-05 | CVE-2024-48846 | Unspecified vulnerability in ABB products Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.3 |
| 2024-12-05 | CVE-2024-48847 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ABB products MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes. Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 | 9.1 |
| 2024-12-05 | CVE-2024-51541 | Unspecified vulnerability in ABB products Local File Inclusion vulnerabilities allow access to sensitive system information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.5 |