CVE-2024-51551
05.12.2024, 13:15
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02Enginsight
| Vendor | Product | Version |
|---|---|---|
| abb | aspect-ent-2_firmware | 𝑥 ≤ 3.07.02 |
| abb | aspect-ent-256_firmware | 𝑥 ≤ 3.07.02 |
| abb | aspect-ent-96_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-2128_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-2128-a_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-2128-g_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-264_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-264-a_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-264-f_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-264-g_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-3-2128_firmware | 𝑥 ≤ 3.07.02 |
| abb | aspect-ent-12_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-2128-f_firmware | 𝑥 ≤ 3.07.02 |
| abb | nexus-3-264_firmware | 𝑥 ≤ 3.07.02 |
| abb | matrix-11_firmware | 𝑥 ≤ 3.07.02 |
| abb | matrix-216_firmware | 𝑥 ≤ 3.07.02 |
| abb | matrix-232_firmware | 𝑥 ≤ 3.07.02 |
| abb | matrix-264_firmware | 𝑥 ≤ 3.07.02 |
| abb | matrix-296_firmware | 𝑥 ≤ 3.07.02 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-1287 - Improper Validation of Specified Type of InputThe product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
- CWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.