9.3
CVE-2024-51545 - Username Enumeration
Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
8.8
CVE-2024-51544 - Service Control
Service Control vulnerabilities allow access to service restart requests and vm configuration settings.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
8.8
CVE-2024-51543 - Information Disclosure
Information Disclosure vulnerabilities allow access to application configuration information.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
8.8
CVE-2024-51542 - Configuration Download
Configuration Download vulnerabilities allow access to dependency configuration information.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
8.8
CVE-2024-51541 - Local File Inclusion
Local File Inclusion vulnerabilities allow access to sensitive system information.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
8.8
CVE-2024-48847 - MD5 bypass operation
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.ย Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01
7.1
CVE-2024-48846 - Cross Side Request Forgery, CSRF
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
9.3
CVE-2024-48845 - Weak Password Rules/Strength
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.ย Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02
7.2
CVE-2024-48844 - Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
7.6
CVE-2024-48843 - Denial of Service, DoS
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.ย Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02