CVE-2024-48843
05.12.2024, 13:15
Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
| Vendor | Product | Version |
|---|---|---|
| abb | aspect-ent-2_firmware | 𝑥 < 3.08.03 |
| abb | aspect-ent-256_firmware | 𝑥 < 3.08.03 |
| abb | aspect-ent-96_firmware | 𝑥 < 3.08.03 |
| abb | nexus-2128_firmware | 𝑥 < 3.08.03 |
| abb | nexus-2128-a_firmware | 𝑥 < 3.08.03 |
| abb | nexus-2128-f_firmware | 𝑥 < 3.08.03 |
| abb | nexus-2128-g_firmware | 𝑥 < 3.08.03 |
| abb | nexus-264_firmware | 𝑥 < 3.08.03 |
| abb | nexus-264-a_firmware | 𝑥 < 3.08.03 |
| abb | nexus-264-g_firmware | 𝑥 < 3.08.03 |
| abb | nexus-3-2128_firmware | 𝑥 < 3.08.03 |
| abb | aspect-ent-12_firmware | 𝑥 < 3.08.03 |
| abb | nexus-264-f_firmware | 𝑥 < 3.08.03 |
| abb | nexus-3-264_firmware | 𝑥 < 3.08.03 |
| abb | matrix-11_firmware | 𝑥 < 3.08.03 |
| abb | matrix-216_firmware | 𝑥 < 3.08.03 |
| abb | matrix-232_firmware | 𝑥 < 3.08.03 |
| abb | matrix-264_firmware | 𝑥 < 3.08.03 |
| abb | matrix-296_firmware | 𝑥 < 3.08.03 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-770 - Allocation of Resources Without Limits or ThrottlingThe software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.