CVE-2024-51543 - Vulnerability Details

Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Abb	Aspect Enterprise Matrix Series Nexus Series

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch

History

Thu, 05 Dec 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Abb Abb aspect Enterprise Abb matrix Series Abb nexus Series
CPEs		cpe:2.3:a:abb:aspect_enterprise:::::::: cpe:2.3:a:abb:matrix_series:::::::: cpe:2.3:a:abb:nexus_series::::::::
Vendors & Products		Abb Abb aspect Enterprise Abb matrix Series Abb nexus Series
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 05 Dec 2024 13:00:00 +0000

Type	Values Removed	Values Added
Description		Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Title		Information Disclosure
Weaknesses		CWE-15
References		https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch
Metrics		cvssV3_1 `{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}` cvssV4_0 `{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:L'}`

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2024-12-05T12:47:06.288Z

Updated: 2024-12-05T14:53:38.763Z

Reserved: 2024-10-29T11:48:54.542Z

Link: CVE-2024-51543

Vulnrichment

Updated: 2024-12-05T14:53:25.644Z

NVD

Status : Received

Published: 2024-12-05T13:15:07.613

Modified: 2024-12-05T13:15:07.613

Link: CVE-2024-51543

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object