VDB

CVE-2024-13929

CVE-2024-13929 PUBLISHED CVSS 7.199999809265137 HIGH

Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator credentials become compromised. This issue affects ASPECT <= 3.08.03

EPSS 1.66% · 82.4th percentile

Risk Scores

CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
EPSS Score
1.66%
82.4th percentile

Affected Products

VendorProductVersions
ABBASPECT®-Enterprise ASP-ENT-x version <=3.08.03
ABBNEXUS Series NEX-2x version <=3.08.03
ABBMATRIX Series MAT-x version <=3.08.03
ABBNEXUS Series NEXUS-3-x version <=3.08.03

Timeline

  • May 22, 2025 Coalition ESS Score
  • May 22, 2025 CVE Published
  • May 22, 2025 PoC Published
  • May 23, 2025 EPSS Score
  • May 23, 2025 Coalition ESS Score
  • May 23, 2025 CVE Updated
  • Jun 3, 2025 EPSS Score
  • Jun 14, 2025 EPSS Score
  • Jun 25, 2025 EPSS Score
  • Jul 6, 2025 EPSS Score
  • Jul 18, 2025 EPSS Score
  • Jul 29, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›