CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.

CWE 1 Total

Learn more

CWE-1392: CWE-1392: Use of Default Credentials

CVSS 2 Total

Learn more

Score	Severity	Version	Vector String
8.7	HIGH	4.0	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:L/U:Red
8.8	HIGH	3.1	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

Versions 1 Total

Default Status: unaffected

affected

Credits

ABB likes to thank https://divd.nl for reporting the vulnerability in responsible disclosure. finder

References 1 Total

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101&LanguageCode=en&DocumentPartId=&Action=Launch
external site

Updated: 2024-08-01

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101&LanguageCode=en&DocumentPartId=&Action=Launch
external site
x_transferred

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Asea Brown Boveri Ltd.

Description

CWE 1 Total

CVSS 2 Total

Product Status

Credits

References 1 Total

CVE Program

References 1 Total

Authorized Data Publishers

CISA-ADP