PT-2019-13393 · Tridium · Niagara Ax+3
Publicado
2019-09-24
·
Atualizado
2020-10-16
·
CVE-2019-13528
CVSS v3.1
4.4
Média
| Vetor | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Niagara AX version 3.8u4
Niagara version 4.4u3
Niagara version 4.7u1
Description
A specific utility may allow an attacker to gain read access to privileged files. This issue affects various JACE and Edge devices.
Recommendations
For Niagara AX version 3.8u4, update to a version that includes the necessary security patches.
For Niagara version 4.4u3, apply the recommended security fixes to prevent unauthorized access.
For Niagara version 4.7u1, restrict access to sensitive files until a patch is available.
Correção
Improper Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Edge
Jace
Niagara
Niagara Ax