CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51542 – Configuration Download
https://notcve.org/view.php?id=CVE-2024-51542
Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51541 – Local File Inclusion
https://notcve.org/view.php?id=CVE-2024-51541
Local File Inclusion vulnerabilities allow access to sensitive system information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-48847 – MD5 bypass operation
https://notcve.org/view.php?id=CVE-2024-48847
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes. Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-328: Use of Weak Hash •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-48846 – Cross Side Request Forgery, CSRF
https://notcve.org/view.php?id=CVE-2024-48846
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-48845 – Weak Password Rules/Strength
https://notcve.org/view.php?id=CVE-2024-48845
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-521: Weak Password Requirements •