PT-2024-9240 · Abb · Abb Aspect Enterprise
Published
2024-12-05
·
Updated
2024-12-05
·
CVE-2024-51544
CVSS v4.0
8.8
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:L/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions:
ABB ASPECT Enterprise version 3.08.02
NEXUS Series version 3.08.02
MATRIX Series version 3.08.02
Description:
The issue is related to errors in system settings or configuration, allowing a remote attacker to gain unauthorized access to protected information. It affects the Service Control component, enabling access to service restart requests and virtual machine configuration settings.
Recommendations:
For ABB ASPECT Enterprise version 3.08.02, consider disabling the Service Control feature until a patch is available.
For NEXUS Series version 3.08.02, restrict access to the service restart requests and virtual machine configuration settings to minimize the risk of exploitation.
For MATRIX Series version 3.08.02, avoid using the vulnerable Service Control component until the issue is resolved.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Abb Aspect Enterprise