Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500377.NASLHistoryAug 10, 2020 - 12:00 a.m.
Tridium Niagra Improper Authentication
2020-08-1000:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
0.001 Low
EPSS
Percentile
47.2%
Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.
File data ot_500377.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| tridium | niagra_ax_framework | 3.5 | cpe:2.3:a:tridium:niagra_ax_framework:3.5:*:*:*:*:*:*:* |
| tridium | niagra_ax_framework | * | cpe:2.3:a:tridium:niagra_ax_framework:*:*:*:*:*:*:*:* |
Related
nessus
nessus
Tridium Niagara AX Improper Authentication (CVE-2012-3024)
2023-03-21 00:00:00
Tridium Niagara AX Web Server Multiple Vulnerabilities
2013-07-03 00:00:00
cvelist
cvelist
CVE-2012-3024
2022-10-03 16:15:24
cve
cve
CVE-2012-3024
2022-10-03 16:15:24
prion
prion
Authentication flaw
2012-08-16 10:38:00
nvd
nvd
CVE-2012-3024
2012-08-16 10:38:04
ics
ics
Tridium Niagara Vulnerabilities (Update A)
2014-03-06 12:00:00