ABB Cylon Aspect 3.08.01 (diagLateThread.php) Information Disclosure

The ABB BMS/BAS controller suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose various protocol thread information running on the device.