Vulnerabilities > ABB > Nexus 3 264 Firmware > 3.08.03

DATE CVE VULNERABILITY TITLE RISK
2025-02-06 CVE-2024-51547 Use of Hard-coded Credentials vulnerability in ABB products
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.
network
low complexity
abb CWE-798
critical
 9.8
9.8
2024-12-05 CVE-2024-11316 Allocation of Resources Without Limits or Throttling vulnerability in ABB products
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-770
7.5
7.5
2024-12-05 CVE-2024-11317 Session Fixation vulnerability in ABB products
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-384
critical
 10.0
10
2024-12-05 CVE-2024-51542 Files or Directories Accessible to External Parties vulnerability in ABB products
Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-552
8.2
8.2
2024-12-05 CVE-2024-51544 External Control of System or Configuration Setting vulnerability in ABB products
Service Control vulnerabilities allow access to service restart requests and vm configuration settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-15
8.2
8.2
2024-12-05 CVE-2024-51546 Improper Validation of Specified Type of Input vulnerability in ABB products
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-1287
7.5
7.5
2024-12-05 CVE-2024-6784 Server-Side Request Forgery (SSRF) vulnerability in ABB products
Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-918
critical
 9.9
9.9