Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-4701
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4701

2022-10-0316:15:33
CWE-22
[email protected]
web.nvd.nist.gov
35
cve-2012-4701
directory traversal
tridium niagara ax
vulnerability
remote attackers
sensitive files
arbitrary code
credentials
guest feature

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.

Affected configurations

NVD
Node
tridiumniagara_axMatch3.5
OR
tridiumniagara_axMatch3.6
OR
tridiumniagara_axMatch3.7

Related

nessus 2
prion 1
nvd 1
ics 1
cvelist 1
nessus
nessus
Tridium Niagra Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
2020-08-10 00:00:00
Tridium Niagara AX Path Traversal (CVE-2012-4701)
2023-03-21 00:00:00
prion
prion
Directory traversal
2013-02-15 12:09:00
nvd
nvd
CVE-2012-4701
2013-02-15 12:09:27
ics
ics
Tridium NiagaraAX Directory Traversal Vulnerability
2013-05-08 12:00:00
cvelist
cvelist
CVE-2012-4701
2022-10-03 16:15:33

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON
Related for CVE-2012-4701
nessus2prion1nvd1ics1cvelist1