Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4028

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-4028
Last Modified 04 Dec 2012 12:00:00
Published 16 Jul 2012 04:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4028

Summary

Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.

Vulnerable Systems

Application

  • Tridium Niagra Ax Framework


References

CONFIRM - https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf

MISC - http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html


Last Updated: 27 May 2016 10:57:33