CVE-2012-4028

Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.
Configurations

Configuration 1 (hide)

cpe:2.3:a:tridium:niagara_ax:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:42

Type Values Removed Values Added
References () http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html - Permissions Required () http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html - Permissions Required
References () https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf - Broken Link, Vendor Advisory () https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf - Broken Link, Vendor Advisory

Information

Published : 2012-07-16 20:55

Updated : 2024-11-21 01:42


NVD link : CVE-2012-4028

Mitre link : CVE-2012-4028

CVE.ORG link : CVE-2012-4028


JSON object : View

Products Affected

tridium

  • niagara_ax
CWE
CWE-522

Insufficiently Protected Credentials