CVE-2024-51545

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02

Description: The issue is related to insufficient protection of registration data, allowing a remote attacker to potentially elevate their privileges. It is a username enumeration vulnerability that exposes application-level username functions, including add, delete, modify, and list.

Recommendations: For ABB ASPECT - Enterprise version 3.08.02, consider disabling access to the username management functions until a patch is available. For NEXUS Series version 3.08.02, restrict access to the vulnerable components to minimize the risk of exploitation. For MATRIX Series version 3.08.02, avoid using the affected functions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.