{"vulnerability": "cve-2024-5155", "sightings": [{"uuid": "c5a0902e-62f3-40e9-a94b-1054b8e5d582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51551", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-01", "content": "", "creation_timestamp": "2025-01-07T11:00:00.000000Z"}, {"uuid": "9db7a06a-c44b-4321-838a-59b5249aef8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51550", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-01", "content": "", "creation_timestamp": "2025-01-07T11:00:00.000000Z"}, {"uuid": "4f14e0da-425a-4df9-bc47-82ded46ed644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51554", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-01", "content": "", "creation_timestamp": "2025-01-07T11:00:00.000000Z"}, {"uuid": "45d7e748-c499-4337-a247-328c60aef304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51555", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-007-01", "content": "", "creation_timestamp": "2025-01-07T11:00:00.000000Z"}, {"uuid": "cc502241-f803-4301-bc5a-df7dc7d50f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51552", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpshswzcvv2j", "content": "", "creation_timestamp": "2025-05-23T01:23:25.657196Z"}, {"uuid": "16297062-b2ab-4cfa-bf80-f137f2fa5485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51550", "type": "seen", "source": "https://t.me/cvedetector/12089", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51550 - Data Validation / Data Sanitization vulnerabiliti\", \n  \"Content\": \"CVE ID : CVE-2024-51550 \nPublished : Dec. 5, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : Data Validation / Data Sanitization  vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.\u00a0  \nAffected products:  \n  \n  \nABB ASPECT - Enterprise v3.08.02;   \nNEXUS Series v3.08.02;   \nMATRIX Series v3.08.02 \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T15:21:27.000000Z"}, {"uuid": "2467c933-a00b-4d1e-b547-c15d90635d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51553", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpsfxppc3z2a", "content": "", "creation_timestamp": "2025-05-23T00:50:18.216578Z"}, {"uuid": "dd9aadd6-0fd7-40e5-9dd7-e5cd2d4c118f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51555", "type": "seen", "source": "https://t.me/cvedetector/12087", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51555 - Default Credentail vulnerabilities allows access t\", \n  \"Content\": \"CVE ID : CVE-2024-51555 \nPublished : Dec. 5, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.\u00a0  \nAffected products:  \n  \n  \nABB ASPECT - Enterprise v3.07.02;   \nNEXUS Series v3.07.02;   \nMATRIX Series v3.07.02 \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T15:21:22.000000Z"}, {"uuid": "8bde920a-45ca-4f62-bd39-1a03d3fc0020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51554", "type": "seen", "source": "https://t.me/cvedetector/12086", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51554 - Default Credentail vulnerabilities in ASPECT on Li\", \n  \"Content\": \"CVE ID : CVE-2024-51554 \nPublished : Dec. 5, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.\u00a0  \nAffected products:  \n  \n  \nABB ASPECT - Enterprise v3.08.02;   \nNEXUS Series v3.08.02;   \nMATRIX Series v3.08.02 \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T15:21:21.000000Z"}, {"uuid": "afae992a-3a37-4c07-9d86-722d7aeaacba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51551", "type": "seen", "source": "https://t.me/cvedetector/12085", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51551 - Default Credentail vulnerabilities in ASPECT on Li\", \n  \"Content\": \"CVE ID : CVE-2024-51551 \nPublished : Dec. 5, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.\u00a0  \nAffected products:  \n  \n  \nABB ASPECT - Enterprise v3.07.02;   \nNEXUS Series v3.07.02;   \nMATRIX Series v3.07.02 \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T15:21:21.000000Z"}, {"uuid": "cf992808-0ae5-497c-a075-58337c8357de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51556", "type": "seen", "source": "https://t.me/cvedetector/9731", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51556 - Apache Wave Remote Command Injection and Sensitive Data Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51556 \nPublished : Nov. 4, 2024, 1:17 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at the API response. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter \u201cuser_id\u201d through API request URLs leading to unauthorized access to sensitive information belonging to other users. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T15:16:27.000000Z"}, {"uuid": "8afb7635-f754-4421-8f9a-1f8ea4a2c7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51559", "type": "seen", "source": "https://t.me/cvedetector/9728", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51559 - Wave Authentication Bypass Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-51559 \nPublished : Nov. 4, 2024, 1:17 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability exists in the Wave 2.0\u00a0due\u00a0to missing authorization check on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter \u201cuser_id\u201d through API request URLs which could lead to unauthorized creation, modification and deletion of alerts belonging to other user accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T15:16:24.000000Z"}, {"uuid": "9ee895cf-acca-4882-b160-78f4f590c20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51558", "type": "seen", "source": "https://t.me/cvedetector/9727", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51558 - WPS Office Wave Brute Force Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-51558 \nPublished : Nov. 4, 2024, 1:17 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability exists in the Wave 2.0\u00a0due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user OTP, MPIN or password, which could lead to gain unauthorized access and compromise other user accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T15:16:22.000000Z"}, {"uuid": "9c1f7c1c-b00a-45ff-8325-f848cb900d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51557", "type": "seen", "source": "https://t.me/cvedetector/9726", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51557 - Wave OTP Rate Limiting Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-51557 \nPublished : Nov. 4, 2024, 1:17 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T15:16:21.000000Z"}]}