Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.
Affected products:
ABB ASPECT - Enterpr
Information Disclosure vulnerabilities allow access to application configuration information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.
Affected products:
ABB ASPECT - Enterprise v
Local File Inclusion vulnerabilities allow access to sensitive system information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Service Control vulnerabilities allow access to service restart requests and vm configuration settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
N
Configuration Download vulnerabilities allow access to dependency configuration information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.0
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.0
Unauthorized Access vulnerabilities allow Remote Code Execution.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: t
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v
Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.
Affect
Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.
Affected products:
ABB ASPECT
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.
Affected products:
ABB ASPECT - Enterprise v3
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.
Affected products:
ABB
Page 1+ Next →