Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series

v3.08.01

; MATRIX Series

v3.08.01 allows Attacker to execute arbitrary code remotely
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 05 Dec 2024 13:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20

Thu, 05 Dec 2024 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Dec 2024 12:30:00 +0000

Type Values Removed Values Added
Description Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on Linux, ABB MATRIX Series on Linux allows Remote Code Inclusion.This issue affects ASPECT-Enterprise: through 3.08.01; NEXUS Series: through 3.08.01; MATRIX Series: through 3.08.01. Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely
Title Remote code execution remote code execution
Weaknesses CWE-1287
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ABB

Published:

Updated: 2024-12-05T12:16:19.488Z

Reserved: 2024-06-25T06:38:32.703Z

Link: CVE-2024-6298

cve-icon Vulnrichment

Updated: 2024-08-01T21:33:05.210Z

cve-icon NVD

Status : Modified

Published: 2024-07-05T11:15:10.617

Modified: 2024-12-05T13:15:09.803

Link: CVE-2024-6298

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.