PT-2024-9341 · Abb · Matrix Series+2
Published
2024-12-05
·
Updated
2024-12-05
·
CVE-2024-6515
CVSS v3.1
9.6
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
ABB ASPECT - Enterprise version 3.08.02
NEXUS Series version 3.08.02
MATRIX Series version 3.08.02
Description:
The issue is related to the web browser interface, which may manipulate application username and password in clear text or Base64 encoding, increasing the probability of unintended credentials exposure. This could allow a remote attacker to disclose protected information.
Recommendations:
For ABB ASPECT - Enterprise version 3.08.02, update to version 3.08.03 to protect against the issue.
For NEXUS Series version 3.08.02, update to version 3.08.03 to protect against the issue.
For MATRIX Series version 3.08.02, update to version 3.08.03 to protect against the issue.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Abb Aspect
Matrix Series
Nexus Series