ABB ASPECT Log Injection Vulnerability Allowing Script Injection via Compromised Admin Credentials
Vulnerability
A log injection vulnerability has been identified in ABB ASPECT products, including ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all through version 3.*. This vulnerability allows attackers to inject malicious scripts that could be executed in the browser, provided they can obtain administrator credentials.
Impact
Exploitation of this vulnerability could lead to cross-site scripting (XSS) attacks, where injected scripts are executed in the context of the user's browser.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
1.7exploitability
4.8remediation
0.0relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.