Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500382.NASLHistoryAug 10, 2020 - 12:00 a.m.
Tridium Niagara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2020-08-1000:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
0.001 Low
EPSS
Percentile
23.5%
Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code to some web pages affecting confidentiality.
File data ot_500382.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| tridium | niagara | * | cpe:2.3:a:tridium:niagara:*:*:*:*:*:*:*:* |
| tridium | niagara | 4.4u2 | cpe:2.3:a:tridium:niagara:4.4u2:*:*:*:*:*:*:* |
| tridium | niagara | * | cpe:2.3:a:tridium:niagara:*:*:*:*:*:*:*:* |
| tridium | niagara_ax_framework | * | cpe:2.3:a:tridium:niagara_ax_framework:*:*:*:*:*:*:*:* |
| tridium | niagara_ax_framework | 3.8u4 | cpe:2.3:a:tridium:niagara_ax_framework:3.8u4:*:*:*:*:*:*:* |
| tridium | niagara_enterprise_security | * | cpe:2.3:a:tridium:niagara_enterprise_security:*:*:*:*:*:*:*:* |
| tridium | niagara_enterprise_security | 2.3u1 | cpe:2.3:a:tridium:niagara_enterprise_security:2.3u1:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2018-18985
2019-01-29 16:29:00
nessus
nessus
cvelist
cvelist
CVE-2018-18985
2019-01-10 00:00:00
ics
ics
Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4
2019-01-10 12:00:00
cve
cve
CVE-2018-18985
2019-01-29 16:29:00
prion
prion
Cross site scripting
2019-01-29 16:29:00