CVE-2024-6515
CVSS 3.1 Score 9.6 of 10 (high)
Details
Published Dec 5, 2024
CWE ID 319
Summary
CVE-2024-6515 is a newly disclosed vulnerability affecting the ABB ASPECT - Enterprise, NEXUS Series, and MATRIX Series software versions 3.08.02. This issue enables a web browser interface to manipulate unencrypted or Base64-encoded username/password credentials, increasing the likelihood of unintended exposure. By exploiting this vulnerability, an attacker could gain access to user accounts and potentially launch further attacks. Organizations using these affected products are advised to apply the necessary security patches promptly to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Aspect-Enterprise
Affected Vendors
- ABB Ltd.