Lucene search
HistoryAug 16, 2012 - 10:38 a.m.
CVE-2012-3025
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.2%
The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format for transmission of credentials in cookies, which allows remote attackers to obtain sensitive information by sniffing the network.
Affected configurations
Node
tridiumniagara_axRange≤3.6
Related
prion
prion
Default configuration
2012-08-16 10:38:00
cvelist
cvelist
CVE-2012-3025
2022-10-03 16:15:22
cve
cve
CVE-2012-3025
2022-10-03 16:15:22
nessus
nessus
Tridium Niagra Unspecified Vulnerability
2020-08-10 00:00:00
Tridium Niagara AX Insufficiently Protected Credentials (CVE-2012-3025)
2023-03-21 00:00:00
Tridium Niagara AX Web Server Multiple Vulnerabilities
2013-07-03 00:00:00
ics
ics
Tridium Niagara Vulnerabilities (Update A)
2014-03-06 12:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.2%
Related for NVD:CVE-2012-3025