Known Vulnerabilities for products from Tridium
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Tridium".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14483 json | A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hangi... | 4.3 - MEDIUM | 2020-08-13 | 2020-08-19 |
| CVE-2019-13528 json | A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 (JACE 3e, JACE 6e, J... | 4.4 - MEDIUM | 2019-09-24 | 2020-10-16 |
| CVE-2018-18985 json | Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1... | 5.4 - MEDIUM | 2019-01-29 | 2019-10-09 |
| CVE-2017-16748 json | An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versi... | 9.8 - CRITICAL | 2018-08-20 | 2019-04-03 |
| CVE-2017-16744 json | A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior inst... | 7.2 - HIGH | 2018-08-20 | 2019-04-03 |
| CVE-2012-4701 json | Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, an... | 9.3 - HIGH | 2013-02-15 | 2023-03-22 |
| CVE-2012-4028 json | Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass inte... | 7.8 - HIGH | 2012-07-16 | 2023-03-22 |
| CVE-2012-4027 json | Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intend... | 5 - MEDIUM | 2012-07-16 | 2023-03-22 |
| CVE-2012-3025 json | The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format for transmission of cred... | 5 - MEDIUM | 2012-08-16 | 2023-03-22 |
| CVE-2012-3024 json | Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote a... | 5 - MEDIUM | 2012-08-16 | 2023-03-22 |
Known software with vulnerabilities from Tridium
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Tridium | Niagara | 4.0 |
| Application | Tridium | Niagara Ax Framework | 3.8 |
| Application | Tridium | Niagara Enterprise Security | 2.4.31 |
| Application | Tridium | Niagra Ax Framework | 3.5 |