Search Results | AttackerKB

Show filters

Topics 29 Users 9,700

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

29 Total Results

Displaying 1-10 of 29

Attacker Value

Unknown

CVE-2024-51547

Disclosure Date: February 06, 2025 (last updated February 06, 2025)

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.

0

Attacker Value

Unknown

CVE-2024-6784

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-6516

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-6515

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-51555

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

0

Attacker Value

Unknown

CVE-2024-51554

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-51551

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

0

Attacker Value

Unknown

CVE-2024-51550

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-51549

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0

Attacker Value

Unknown

CVE-2024-51548

Disclosure Date: December 05, 2024 (last updated December 21, 2024)

Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

0