Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.
References
Link | Resource |
---|---|
http://ics-cert.us-cert.gov/pdf/ICSA-13-045-01.pdf | Broken Link Third Party Advisory US Government Resource |
https://www.niagara-central.com/ord?portal:/dev/wiki/Niagara_AX_Security_Patch_11-Feb-2013 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-10-03T16:15:33
Updated: 2022-10-03T16:15:33
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-4701
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-02-15T12:09:27.773
Modified: 2023-03-22T14:11:31.713
Link: CVE-2012-4701
JSON object: View
Redhat Information
No data.
CWE