Abb Matrix-11

29 CVEs affecting Abb Matrix-11. Latest disclosed: 2025-02-06. Critical: 16, High: 13.

Top CVEs affecting Abb Matrix-11
CVESeverityScorePublishedSummary
CVE-2024-51551Critical10.02024-12-05Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPE…
CVE-2024-51550Critical10.02024-12-05Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.  Affected products: …
CVE-2024-51549Critical10.02024-12-05Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXU…
CVE-2024-51545Critical10.02024-12-05Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.  Affected products: ABB ASPECT - Ente…
CVE-2024-48840Critical10.02024-12-05Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series…
CVE-2024-48839Critical10.02024-12-05Improper Input Validation vulnerability allows Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX S…
CVE-2024-11317Critical10.02024-12-05Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  …
CVE-2024-6298Critical10.02024-07-05Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arb…
CVE-2024-6209Critical10.02024-07-05Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access file…
CVE-2024-6784Critical9.92024-12-05Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.  Affec…
CVE-2024-51548Critical9.92024-12-05Dangerous File Upload vulnerabilities allow upload of malicious scripts.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRI…
CVE-2024-51547Critical9.82025-02-06Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NE…
CVE-2024-6515Critical9.62024-12-05Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails e…
CVE-2024-48845Critical9.42024-12-05Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/appli…
CVE-2024-51554Critical9.12024-12-05Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPE…
CVE-2024-6516Critical9.02024-12-05Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.  Affected products: ABB AS…
CVE-2024-4007High8.82024-07-01Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
CVE-2024-51544High8.22024-12-05Service Control vulnerabilities allow access to service restart requests and vm configuration settings.  Affected products: ABB ASPECT - Enterprise v3.08.02…
CVE-2024-51543High8.22024-12-05Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Se…
CVE-2024-51542High8.22024-12-05Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Ser…