Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intended images, nav, and px folders by leveraging incorrect permissions, as demonstrated by reading the config.bog file.
References
Link | Resource |
---|---|
http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html | Permissions Required |
https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf | Broken Link Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:34
Updated: 2022-10-03T16:15:34
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-4027
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-07-16T20:55:04.957
Modified: 2023-03-22T14:09:05.423
Link: CVE-2012-4027
JSON object: View
Redhat Information
No data.
CWE