Known Vulnerabilities for Niagra Ax Framework by Tridium

Listed below are 5 of the newest known vulnerabilities associated with "Niagra Ax Framework" by "Tridium".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2012-4701	Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, an...	9.3 - HIGH	2013-02-15	2023-03-22
CVE-2012-4028	Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass inte...	7.8 - HIGH	2012-07-16	2023-03-22
CVE-2012-4027	Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intend...	5 - MEDIUM	2012-07-16	2023-03-22
CVE-2012-3025	The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format for transmission of cred...	5 - MEDIUM	2012-08-16	2023-03-22
CVE-2012-3024	Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote a...	5 - MEDIUM	2012-08-16	2023-03-22

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Tridium	Niagra Ax Framework	3.7	All	All	All
Application	Tridium	Niagra Ax Framework	3.6	All	All	All
Application	Tridium	Niagra Ax Framework	3.5	All	All	All