Lucene search

K
cve[email protected]CVE-2012-4701
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4701

2022-10-0316:15:33
CWE-22
web.nvd.nist.gov
35
cve-2012-4701
directory traversal
tridium niagara ax
vulnerability
remote attackers
sensitive files
arbitrary code
credentials
guest feature

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.4%

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.

Affected configurations

NVD
Node
tridiumniagara_axMatch3.5
OR
tridiumniagara_axMatch3.6
OR
tridiumniagara_axMatch3.7

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.4%

Related for CVE-2012-4701