Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.
File data ot_500377.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
tridium | niagra_ax_framework | 3.5 | cpe:2.3:a:tridium:niagra_ax_framework:3.5:*:*:*:*:*:*:* |
tridium | niagra_ax_framework | * | cpe:2.3:a:tridium:niagra_ax_framework:*:*:*:*:*:*:*:* |