Lucene search

K
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500379.NASL
HistoryAug 10, 2020 - 12:00 a.m.

Tridium Niagra Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

2020-08-1000:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

EPSS

0.006

Percentile

78.4%

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.

File data ot_500379.nasl
VendorProductVersionCPE
tridiumniagra_ax_framework3.5cpe:2.3:a:tridium:niagra_ax_framework:3.5:*:*:*:*:*:*:*
tridiumniagra_ax_framework3.6cpe:2.3:a:tridium:niagra_ax_framework:3.6:*:*:*:*:*:*:*
tridiumniagra_ax_framework3.7cpe:2.3:a:tridium:niagra_ax_framework:3.7:*:*:*:*:*:*:*

EPSS

0.006

Percentile

78.4%

Related for OT_500379.NASL