ABB MATRIX-264
Approved changes feed: RSS · Atom
cpe:2.3:h:abb:matrix-264:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Abb (6be1db4f-4f59-5a03-a118-0ff43377170e) |
|---|---|
| Product | Matrix 264 (f5666af0-fb40-5db0-9677-10238168683f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-6784 |
not_vulnerable | 2026-06-03 14:58:04.141382 |
SSRF Server Side Request Forgery
CRITICAL (9.9)
Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:25:28.078Z
Updated: 2024-12-05T18:49:57.676Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6516 |
not_vulnerable | 2026-06-03 14:58:03.369540 |
Cross Site Scripting XSS
CRITICAL (9)
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:24:16.644Z
Updated: 2024-12-05T18:50:07.866Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6515 |
not_vulnerable | 2026-06-03 14:58:03.358736 |
unauthorized file access
CRITICAL (9.6)
Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:22:36.946Z
Updated: 2024-12-05T18:50:20.432Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6298 |
not_vulnerable | 2026-06-03 14:58:02.518312 |
remote code execution
CRITICAL (10)
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series
v3.08.01
; MATRIX Series
v3.08.01 allows Attacker to execute arbitrary code remotely
Published: 2024-07-05T11:06:35.066Z
Updated: 2024-12-05T12:16:19.488Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6209 |
not_vulnerable | 2026-06-03 14:58:02.245847 |
unauthorized file access
CRITICAL (10)
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series
v3.08.01
; MATRIX Series
v3.08.01 allows Attacker to access files unauthorized
Published: 2024-07-05T11:10:05.458Z
Updated: 2024-12-05T12:13:47.544Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51554 |
not_vulnerable | 2026-06-03 14:57:26.112494 |
off-by-one-error
CRITICAL (9.1)
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:58:51.342Z
Updated: 2024-12-05T14:36:37.414Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51551 |
not_vulnerable | 2026-06-03 14:57:26.109439 |
Default Credentials
CRITICAL (10)
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02
Published: 2024-12-05T12:57:06.089Z
Updated: 2024-12-05T15:01:42.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51550 |
not_vulnerable | 2026-06-03 14:57:26.107663 |
Data Validation / Sanitization
CRITICAL (10)
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:56:07.332Z
Updated: 2024-12-05T15:05:36.860Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51549 |
not_vulnerable | 2026-06-03 14:57:26.105025 |
Absolute Path Traversal
CRITICAL (10)
Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:54:31.077Z
Updated: 2024-12-05T15:09:13.063Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51548 |
not_vulnerable | 2026-06-03 14:57:26.102939 |
Dangerous File Upload
CRITICAL (9.9)
Dangerous File Upload vulnerabilities allow upload of malicious scripts.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:52:54.929Z
Updated: 2024-12-05T14:39:56.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51547 |
not_vulnerable | 2026-06-03 14:57:26.101074 |
Credentials Disclosure - keys
CRITICAL (9.8)
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
Published: 2025-02-06T04:12:30.615Z
Updated: 2025-05-23T09:23:26.967Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51546 |
not_vulnerable | 2026-06-03 14:57:26.099583 |
Credentails Disclosure
HIGH (7.5)
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:51:39.054Z
Updated: 2024-12-05T14:43:58.312Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51545 |
not_vulnerable | 2026-06-03 14:57:26.097676 |
Username Enumeration
CRITICAL (10)
Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:49:25.254Z
Updated: 2024-12-05T14:47:33.404Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51544 |
not_vulnerable | 2026-06-03 14:57:26.095563 |
Service Control
HIGH (8.2)
Service Control vulnerabilities allow access to service restart requests and vm configuration settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:48:32.801Z
Updated: 2024-12-05T14:50:27.895Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51543 |
not_vulnerable | 2026-06-03 14:57:26.093606 |
Information Disclosure
HIGH (8.2)
Information Disclosure vulnerabilities allow access to application configuration information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:47:06.288Z
Updated: 2024-12-05T14:53:38.763Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51542 |
not_vulnerable | 2026-06-03 14:57:26.091367 |
Configuration Download
HIGH (8.2)
Configuration Download vulnerabilities allow access to dependency configuration information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:45:57.616Z
Updated: 2024-12-05T15:13:29.563Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-51541 |
not_vulnerable | 2026-06-03 14:57:26.088395 |
Local File Inclusion
HIGH (8.2)
Local File Inclusion vulnerabilities allow access to sensitive system information.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:45:09.058Z
Updated: 2024-12-05T15:16:19.415Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4007 |
not_vulnerable | 2026-06-03 14:57:14.494868 |
Hard coded default credential contained in install package
HIGH (8.8)
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
Published: 2024-07-01T12:06:53.048Z
Updated: 2024-08-01T20:26:57.247Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48847 |
not_vulnerable | 2026-06-03 14:57:10.257506 |
MD5 bypass operation
HIGH (8.2)
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.
Affected products:
ABB ASPECT - Enterprise v3.08.01;
NEXUS Series v3.08.01;
MATRIX Series v3.08.01
Published: 2024-12-05T12:44:09.099Z
Updated: 2024-12-05T15:49:11.073Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48846 |
not_vulnerable | 2026-06-03 14:57:10.255914 |
Cross Side Request Forgery, CSRF
HIGH (7.1)
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:43:20.544Z
Updated: 2024-12-05T18:48:59.598Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48845 |
not_vulnerable | 2026-06-03 14:57:10.253940 |
Weak Password Rules/Strength
CRITICAL (9.4)
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02
Published: 2024-12-05T12:42:14.225Z
Updated: 2024-12-05T18:49:08.072Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48844 |
not_vulnerable | 2026-06-03 14:57:10.252281 |
Denial of Service, DoS
HIGH (7.7)
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:41:12.507Z
Updated: 2024-12-05T18:49:17.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48843 |
not_vulnerable | 2026-06-03 14:57:10.249251 |
Denial of Service, DoS
HIGH (7.7)
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:40:01.071Z
Updated: 2024-12-05T18:49:24.745Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48840 |
not_vulnerable | 2026-06-03 14:57:10.239323 |
Unauthorized Access
CRITICAL (10)
Unauthorized Access vulnerabilities allow Remote Code Execution.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:38:46.342Z
Updated: 2024-12-05T18:49:34.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48839 |
not_vulnerable | 2026-06-03 14:57:10.235918 |
Remote Code Execution, RCE
CRITICAL (10)
Improper Input Validation vulnerability allows Remote Code Execution.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:37:28.554Z
Updated: 2024-12-05T18:49:41.865Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11317 |
not_vulnerable | 2026-06-03 14:54:13.908992 |
PHP Session Fixation
CRITICAL (10)
Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:36:27.768Z
Updated: 2024-12-05T18:49:49.571Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11316 |
not_vulnerable | 2026-06-03 14:54:13.906229 |
Filesize Check
HIGH (7.5)
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
Published: 2024-12-05T12:27:03.272Z
Updated: 2024-12-05T18:35:25.727Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-0636 |
not_vulnerable | 2026-06-03 14:48:52.323206 |
Remote Code Execution via Command Injection
HIGH (7.2)
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Command Injection.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.0; NEXUS Series: from 3.0;0 before 3.07.0; MATRIX Series: from 3.0;0 before 3.07.1.
Published: 2023-06-05T03:45:09.898Z
Updated: 2025-01-08T17:40:16.541Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-0635 |
not_vulnerable | 2026-06-03 14:48:52.319804 |
Privilege escalation to root
HIGH (7.8)
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.
Published: 2023-06-05T03:42:04.704Z
Updated: 2025-01-08T16:42:53.322Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.