fkie_cve-2023-0636
Vulnerability from fkie_nvd
Published
2023-06-05 04:15
Modified
2024-11-21 07:37
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Command Injection.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.0; NEXUS Series: from 3.0;0 before 3.07.0; MATRIX Series: from 3.0;0 before 3.07.1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90915F51-F953-463D-9DC9-920A6BDE339A",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6351DE-8170-4023-B815-536030F9236E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A584338E-68E3-4A18-9210-EC9B5BB1931B",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3FE8A0-B7B1-496F-918B-83AECEC80486",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-256_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "886F345B-B8A8-4FB5-B7E8-E1814B5C9649",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "125AAF0E-3CB2-4F5A-BA04-742918422422",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:aspect-ent-96_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28963E35-B5B5-417F-B49B-5A4836F95949",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:aspect-ent-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC1901E-7476-4070-B649-E2EAE52A38A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-2128_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96C574A1-D4AB-4973-8F59-623FBA23ABE9",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-2128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "697D73AC-8567-4D25-B42F-FB584DAFF05F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-2128-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "529748B3-25B5-4D40-B71E-F8DBC5AA4CFB",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-2128-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C4B551-EC7D-4D96-9B44-5238B2671F38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-2128-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC90491-EEF2-4893-BA1E-4F41E716ED8B",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-2128-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86993CA6-E80C-464D-A208-EB119F41E106",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-2128-f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D20353-5535-4DFC-972D-D7C0AE020943",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-2128-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1B0FAC-EE50-41E7-8C6A-63E28649A539",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-3-2128_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6B5035-9627-4A06-B4D1-BC845A5387A2",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-3-2128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A14E33-5416-45D9-BBE4-61EFEC246E20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-3-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "862E9C0F-1334-4BEF-9E22-AE3EC9E0A17F",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-3-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96BF51C6-E220-4347-9505-48DAE2BB26B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC4937A-5EF3-40A5-A5F8-AEB617C87481",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979B2BF4-885C-46B4-9093-E7CC35EBB397",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-264-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4524FEB-AA98-4515-A140-6B53DEE82545",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-264-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3961881-0563-443D-8381-428058A008DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-264-g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "257FD712-153D-48A7-83BA-94B07BACD8D4",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-264-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7E5C1B-CFA0-4584-89F5-BE9190DC7DB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:nexus-264-f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "531B160D-0FE9-44A2-A64D-C310CBF48433",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:nexus-264-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43EB9B15-B1DF-49DC-B69C-00D0342E0592",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-216_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C6E19F-9B07-45D0-A001-6F0D909B9D13",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "653A6815-9BC7-4BD4-BB67-DBCC666ED860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-232_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "994F4371-2AFF-4FC5-ABC7-CCE3E260643A",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-232:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40C07D72-CA89-40A1-8EE8-F48A06DB7992",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-296_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC58A9B8-2D12-4117-890A-53B52DCAE1EC",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-296:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699E0759-590A-4362-9B5B-F876C1A020D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-264_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340901DB-3492-4202-9B54-F107D2B9E8C0",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-264:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E8A1A8-8476-4C36-A6F6-258C2DC60388",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:matrix-11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13A433D2-9A61-49EB-8382-1D5024E70B88",
"versionEndExcluding": "3.07.01",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:matrix-11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC44F95-4AE8-48B3-AC2C-6A4EB20F62DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in ABB Ltd. ASPECT\u00ae-Enterprise on ASPECT\u00ae-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Command Injection.This issue affects ASPECT\u00ae-Enterprise: from 3.0;0 before 3.07.0; NEXUS Series: from 3.0;0 before 3.07.0; MATRIX Series: from 3.0;0 before 3.07.1."
}
],
"id": "CVE-2023-0636",
"lastModified": "2024-11-21T07:37:31.600",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "cybersecurity@ch.abb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-05T04:15:10.587",
"references": [
{
"source": "cybersecurity@ch.abb.com",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"sourceIdentifier": "cybersecurity@ch.abb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "cybersecurity@ch.abb.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.