CVE-2012-4701

Tridium Niagara AX <3.8 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature.

References (2)

Core 2
Core References
Broken Link, Third Party Advisory, US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/pdf/ICSA-13-045-01.pdf

Scores

EPSS 0.0637
EPSS Percentile 92.8%

Details

CWE
CWE-22
Status published
Products (3)
tridium/niagara_ax 3.5
tridium/niagara_ax 3.6
tridium/niagara_ax 3.7
Published Feb 15, 2013
Tracked Since Feb 18, 2026