CVE-2024-11317
CVSS 3.1 Score 10.0 of 10 (high)
Details
Summary
CVE-2024-11317 is a session fixation vulnerability that enables attackers to prematurely establish a user's session identifier prior to login. This issue provides an opportunity for attackers to take over the affected user's session. The vulnerability affects ABB ASPECT - Enterprise version 3.08.02, NEXUS Series version 3.08.02, and MATRIX Series version 3.08.02. Successful exploitation could lead to unauthorized access to user accounts and potentially sensitive information. Users are advised to update their software to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Aspect-Enterprise
Affected Vendors
- ABB Ltd.