Lucene search

K
nvd[email protected]NVD:CVE-2012-4701
HistoryFeb 15, 2013 - 12:09 p.m.

CVE-2012-4701

2013-02-1512:09:27
CWE-22
web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.006

Percentile

78.4%

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.

Affected configurations

NVD
Node
tridiumniagara_axMatch3.5
OR
tridiumniagara_axMatch3.6
OR
tridiumniagara_axMatch3.7

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.006

Percentile

78.4%

Related for NVD:CVE-2012-4701