CVE-2024-6209

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <=3.08.01 ; MATRIX Series v<=3.08.01 allows Attacker to access files unauthorized
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-12:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-256:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-96:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:abb:nexus-2128-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128-a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:abb:nexus-2128-f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128-f:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:abb:nexus-2128-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128-g:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:abb:nexus-264-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-a:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:abb:nexus-264-f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-f:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:abb:nexus-264-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-g:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-3-2128:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-3-264:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-11:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-216:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-232:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-264:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-296:-:*:*:*:*:*:*:*

History

08 Jul 2024, 15:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References () https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.39956449.23035250.1719878527-141379670.1701144964 - () https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.39956449.23035250.1719878527-141379670.1701144964 - Vendor Advisory
CPE cpe:2.3:h:abb:nexus-2128-g:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-2128-f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-a:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-2128-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-256:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-96:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-264-f_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-264:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-g:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-216:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-232:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128-f:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-12:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-2128-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-264-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:nexus-264-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-296:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-3-264:-:*:*:*:*:*:*:*
cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-2128-a:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-3-2128:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:matrix-11:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:nexus-264-f:-:*:*:*:*:*:*:*
cpe:2.3:h:abb:aspect-ent-2:-:*:*:*:*:*:*:*
First Time Abb aspect-ent-96
Abb matrix-296
Abb nexus-264-g Firmware
Abb nexus-2128-g
Abb aspect-ent-12
Abb nexus-264 Firmware
Abb nexus-3-2128
Abb nexus-2128 Firmware
Abb aspect-ent-2
Abb matrix-216 Firmware
Abb nexus-264-f Firmware
Abb aspect-ent-12 Firmware
Abb nexus-3-264
Abb aspect-ent-2 Firmware
Abb nexus-264-f
Abb matrix-11
Abb nexus-264
Abb matrix-232
Abb nexus-3-2128 Firmware
Abb nexus-2128-a
Abb matrix-11 Firmware
Abb matrix-216
Abb nexus-2128-f Firmware
Abb nexus-2128-a Firmware
Abb matrix-264 Firmware
Abb nexus-2128-f
Abb aspect-ent-256
Abb
Abb aspect-ent-96 Firmware
Abb nexus-264-a Firmware
Abb nexus-264-a
Abb nexus-2128
Abb aspect-ent-256 Firmware
Abb matrix-264
Abb matrix-232 Firmware
Abb nexus-3-264 Firmware
Abb matrix-296 Firmware
Abb nexus-2128-g Firmware
Abb nexus-264-g

05 Jul 2024, 12:55

Type Values Removed Values Added
Summary
  • (es) Acceso no autorizado a archivos en WEB Server en ABB ASPECT - Enterprise v &lt;=3.08.01; Serie NEXUS v &lt;=3.08.01; MATRIX Series v&lt;=3.08.01 permite a un atacante acceder a archivos no autorizados

05 Jul 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-05 11:15

Updated : 2024-07-08 15:35


NVD link : CVE-2024-6209

Mitre link : CVE-2024-6209

CVE.ORG link : CVE-2024-6209


JSON object : View

Products Affected

abb

  • matrix-264
  • nexus-264
  • matrix-216
  • aspect-ent-2_firmware
  • nexus-2128
  • aspect-ent-2
  • nexus-264-f
  • aspect-ent-12_firmware
  • matrix-232
  • aspect-ent-12
  • nexus-3-264_firmware
  • nexus-2128-f
  • nexus-264-f_firmware
  • nexus-2128-f_firmware
  • matrix-11_firmware
  • nexus-264-a_firmware
  • matrix-296
  • aspect-ent-96
  • nexus-264_firmware
  • nexus-2128-a_firmware
  • nexus-3-2128_firmware
  • nexus-3-2128
  • matrix-264_firmware
  • matrix-296_firmware
  • aspect-ent-256_firmware
  • matrix-232_firmware
  • aspect-ent-96_firmware
  • matrix-11
  • nexus-3-264
  • matrix-216_firmware
  • aspect-ent-256
  • nexus-2128_firmware
  • nexus-2128-a
  • nexus-2128-g_firmware
  • nexus-264-g_firmware
  • nexus-264-g
  • nexus-2128-g
  • nexus-264-a
CWE
CWE-552

Files or Directories Accessible to External Parties