Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.
References
Configurations
History
21 Nov 2024, 01:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html - Permissions Required | |
References | () https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf - Broken Link, Vendor Advisory |
Information
Published : 2012-07-16 20:55
Updated : 2024-11-21 01:42
NVD link : CVE-2012-4028
Mitre link : CVE-2012-4028
CVE.ORG link : CVE-2012-4028
JSON object : View
Products Affected
tridium
- niagara_ax
CWE
CWE-522
Insufficiently Protected Credentials