PT-2018-6322 · Tridium · Tridium Niagara 4+1

Published

2018-08-20

Updated

2019-04-03

CVE-2017-16744

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Tridium Niagara AX versions 3.8 and prior Tridium Niagara 4 systems versions 4.4 and prior

Description: A path traversal issue can be exploited by using valid administrator credentials, potentially allowing unauthorized access to sensitive areas of the system.

Recommendations: For Tridium Niagara AX versions 3.8 and prior, update to a version later than 3.8 to resolve the issue. For Tridium Niagara 4 systems versions 4.4 and prior, update to a version later than 4.4 to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2017-16744

Affected Products

Tridium Niagara 4

Tridium Niagara Ax

PT-2018-6322 · Tridium · Tridium Niagara 4+1

CVE-2017-16744

Weakness Enumeration

Related Identifiers

Affected Products

References · 5