CVE-2012-4028
Tridium Niagara AX Framework - Insufficiently Protected Credentials
Title source: llmDescription
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.
References (2)
Core 2
Core References
Permissions Required x_refsource_misc
http://www.washingtonpost.com/investigations/tridiums-niagara-framework-marvel-of-connectivity-illustrates-new-cyber-risks/2012/07/11/gJQARJL6dW_story.html
Broken Link, Vendor Advisory x_refsource_confirm
https://www.tridium.com/galleries/briefings/NiagaraAX_Framework_Software_Security_Alert.pdf
Scores
EPSS
0.0163
EPSS Percentile
73.1%
Details
CWE
CWE-522
Status
published
Products (1)
tridium/niagara_ax
Published
Jul 16, 2012
Tracked Since
Feb 18, 2026