Improper Validation of Specified Type of Input

CVE-2024-6298

High

9.4/10

Summary

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-1287 - Improper Validation of Specified Type of Input

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

References

Advisory Timeline

Published Jul 05, 2024

Improper Validation of Specified Type of Input

CVE-2024-6298

Summary

CWE-1287 - Improper Validation of Specified Type of Input

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS