fkie_cve-2024-4007
Vulnerability from fkie_nvd
Published
2024-07-01 13:15
Modified
2025-12-19 16:04
Severity ?
Summary
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| abb | aspect-ent-12_firmware | * | |
| abb | aspect-ent-12 | - | |
| abb | aspect-ent-2_firmware | * | |
| abb | aspect-ent-2 | - | |
| abb | aspect-ent-256_firmware | * | |
| abb | aspect-ent-256 | - | |
| abb | aspect-ent-96_firmware | * | |
| abb | aspect-ent-96 | - | |
| abb | matrix-11_firmware | * | |
| abb | matrix-11 | - | |
| abb | matrix-216_firmware | * | |
| abb | matrix-216 | - | |
| abb | matrix-232_firmware | * | |
| abb | matrix-232 | - | |
| abb | matrix-264_firmware | * | |
| abb | matrix-264 | - | |
| abb | matrix-296_firmware | * | |
| abb | matrix-296 | - | |
| abb | nexus-2128_firmware | * | |
| abb | nexus-2128 | - | |
| abb | nexus-264_firmware | * | |
| abb | nexus-264 | - | |
| abb | nexus-3-2128_firmware | * | |
| abb | nexus-3-2128 | - | |
| abb | nexus-3-264_firmware | * | |
| abb | nexus-3-264 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7160A7B-C86C-4B6F-9676-E609045DEB95",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3FE8A0-B7B1-496F-918B-83AECEC80486",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33FFD0D5-84E8-4565-8CCC-41EBD13C3B33",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6351DE-8170-4023-B815-536030F9236E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD3450-6363-493A-B927-D0B799B2E5A5",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "125AAF0E-3CB2-4F5A-BA04-742918422422",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D11512D2-4258-4187-B932-F0F2087B2655",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC1901E-7476-4070-B649-E2EAE52A38A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2500228A-DCF9-4D53-860D-33F8E3A7FE39",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC44F95-4AE8-48B3-AC2C-6A4EB20F62DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E65B3D-584F-4ECA-8C02-2B6BD776BA64",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "653A6815-9BC7-4BD4-BB67-DBCC666ED860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E53A-C6B6-4458-A407-6C182E72147B",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40C07D72-CA89-40A1-8EE8-F48A06DB7992",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A7F70B4-F8D7-445A-9DD6-82D0F4F146FB",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E8A1A8-8476-4C36-A6F6-258C2DC60388",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35AFA173-993C-4554-AE45-5978B047AE07",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-296:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699E0759-590A-4362-9B5B-F876C1A020D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC23B51-E42E-47E4-9419-7C18DA2E568E",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-2128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "697D73AC-8567-4D25-B42F-FB584DAFF05F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF3AC84-A778-4C20-BC7B-33E1338B9EAD",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979B2BF4-885C-46B4-9093-E7CC35EBB397",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDA2D7A-A68A-4495-B522-108105980AA4",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-3-2128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A14E33-5416-45D9-BBE4-61EFEC246E20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB976E8E-A73C-4BC0-84C1-9ED555865C15",
"versionEndExcluding": "3.07.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-3-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96BF51C6-E220-4347-9505-48DAE2BB26B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured."
},
{
"lang": "es",
"value": "Credencial predeterminada en el paquete de instalaci\u00f3n en ABB ASPECT; NEXUS Series; MATRIX Series versi\u00f3n 3.07 permite a un atacante iniciar sesi\u00f3n en instancias de productos mal configuradas."
}
],
"id": "CVE-2024-4007",
"lastModified": "2025-12-19T16:04:35.630",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cybersecurity@ch.abb.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"source": "cybersecurity@ch.abb.com",
"type": "Secondary"
}
]
},
"published": "2024-07-01T13:15:06.077",
"references": [
{
"source": "cybersecurity@ch.abb.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@ch.abb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
],
"source": "cybersecurity@ch.abb.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…