VDB

GCVE-110-NCSC-2024-465

GCVE-110-NCSC-2024-465
Advisory PublishedCVSS 10.0/10
Vulnetix · Advisory published December 6, 2024
ABB heeft kwetsbaarheden verholpen in ABB ASPECT, NEXUS Series en MATRIX Series (Specifiek voor versies tot 3.08.02).

Weaknesses (CWE)

CWE-552Files or Directories Accessible to External PartiesCWE-20Improper Input ValidationCWE-319Cleartext Transmission of Sensitive InformationCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-918Server-Side Request Forgery (SSRF)CWE-770Allocation of Resources Without Limits or ThrottlingCWE-384Session FixationCWE-94Improper Control of Generation of Code ('Code Injection')CWE-521Weak Password RequirementsCWE-352Cross-Site Request Forgery (CSRF)CWE-328Use of Weak HashCWE-98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')CWE-15External Control of System or Configuration SettingCWE-522Insufficiently Protected CredentialsCWE-1287Improper Validation of Specified Type of InputCWE-434Unrestricted Upload of File with Dangerous TypeCWE-36Absolute Path TraversalCWE-193Off-by-one ErrorCWE-1393Use of Default Password

Risk Scores

CVSS 3.1
10.0/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
abbmatrix_series
abbaspect_enterprise
abbnexus_series
abbaspect-ent-256_firmware
abbaspect-ent-12_firmware

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›