VAR-201302-0028
Vulnerability from variot - Updated: 2023-12-18 13:53

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature. Tridium Niagara is a building monitoring system. TRIDIUM NiagaraAX is prone to a directory-traversal vulnerability; files read this way may aid in further attacks. A directory traversal vulnerability exists in Tridium Niagara AX versions 3.5, 3.6 and 3.7. The record below references the vendor's "Niagara AX Security Patch 11-Feb-2013" and ICS-CERT advisory ICSA-13-045-01.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "niagara ax",
"scope": "eq",
"trust": 1.0,
"vendor": "tridium",
"version": "3.6"
},
{
"model": "niagara ax",
"scope": "eq",
"trust": 1.0,
"vendor": "tridium",
"version": "3.5"
},
{
"model": "niagara ax",
"scope": "eq",
"trust": 1.0,
"vendor": "tridium",
"version": "3.7"
},
{
"model": "niagara ax framework",
"scope": "eq",
"trust": 0.8,
"vendor": "tridium",
"version": "3.5"
},
{
"model": "niagara ax framework",
"scope": "eq",
"trust": 0.8,
"vendor": "tridium",
"version": "3.6"
},
{
"model": "niagara ax framework",
"scope": "eq",
"trust": 0.8,
"vendor": "tridium",
"version": "3.7"
},
{
"model": "niagara ax",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "3.5/3.6/3.7"
},
{
"model": "niagra ax framework",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "3.5"
},
{
"model": "niagra ax framework",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "3.6"
},
{
"model": "niagra ax framework",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "3.7"
},
{
"model": "niagaraax",
"scope": "eq",
"trust": 0.3,
"vendor": "tridium",
"version": "3.7"
},
{
"model": "niagaraax",
"scope": "eq",
"trust": 0.3,
"vendor": "tridium",
"version": "3.6"
},
{
"model": "niagaraax",
"scope": "eq",
"trust": 0.3,
"vendor": "tridium",
"version": "0"
},
{
"model": "niagaraax",
"scope": "ne",
"trust": 0.3,
"vendor": "tridium",
"version": "3.7.46.3"
},
{
"model": "niagaraax",
"scope": "ne",
"trust": 0.3,
"vendor": "tridium",
"version": "3.6.47.1"
},
{
"model": "niagaraax",
"scope": "ne",
"trust": 0.3,
"vendor": "tridium",
"version": "3.5.39"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "niagra ax framework",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "niagra ax framework",
"version": "3.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "niagra ax framework",
"version": "3.7"
}
],
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "BID",
"id": "57968"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tridium:niagara_ax:3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:tridium:niagara_ax:3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:tridium:niagara_ax:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4701"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Terry McCorkle",
"sources": [
{
"db": "BID",
"id": "57968"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4701",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-4701",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "170be9f4-2353-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-57982",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4701",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-264",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57982",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57982"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature. Tridium Niagara is a building monitoring system. TRIDIUM NiagaraAX is prone to a directory-traversal vulnerability. This may aid in further attacks. A directory traversal vulnerability exists in Tridium Niagara AX versions 3.5, 3.6 and 3.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "BID",
"id": "57968"
},
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57982"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4701",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-045-01",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-01004",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581",
"trust": 0.8
},
{
"db": "BID",
"id": "57968",
"trust": 0.4
},
{
"db": "IVD",
"id": "170BE9F4-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57982",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "VULHUB",
"id": "VHN-57982"
},
{
"db": "BID",
"id": "57968"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"id": "VAR-201302-0028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "VULHUB",
"id": "VHN-57982"
}
],
"trust": 1.55093956
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
}
]
},
"last_update_date": "2023-12-18T13:53:30.400000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Niagara AX Security Patch 11-Feb-2013",
"trust": 0.8,
"url": "https://www.niagara-central.com/ord?portal:/dev/wiki/niagara_ax_security_patch_11-feb-2013"
},
{
"title": "TRIDIUM NiagaraAX Directory Traversal Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31881"
},
{
"title": "securityPatches3.7_120211",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=45360"
},
{
"title": "securityPatches3.6_120211",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=45359"
},
{
"title": "securityPatches3.5_120211",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=45358"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57982"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-045-01.pdf"
},
{
"trust": 1.7,
"url": "https://www.niagara-central.com/ord?portal:/dev/wiki/niagara_ax_security_patch_11-feb-2013"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4701"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4701"
},
{
"trust": 0.3,
"url": "http://www.niagaraax.com/"
},
{
"trust": 0.3,
"url": "http://www.tridium.com/cs/products_/_services/niagaraax"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "VULHUB",
"id": "VHN-57982"
},
{
"db": "BID",
"id": "57968"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"db": "VULHUB",
"id": "VHN-57982"
},
{
"db": "BID",
"id": "57968"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-19T00:00:00",
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"date": "2013-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57982"
},
{
"date": "2013-02-14T00:00:00",
"db": "BID",
"id": "57968"
},
{
"date": "2013-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"date": "2013-02-15T12:09:27.773000",
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"date": "2013-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01004"
},
{
"date": "2013-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57982"
},
{
"date": "2013-02-14T00:00:00",
"db": "BID",
"id": "57968"
},
{
"date": "2013-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001581"
},
{
"date": "2023-03-22T14:11:31.713000",
"db": "NVD",
"id": "CVE-2012-4701"
},
{
"date": "2023-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TRIDIUM NiagaraAX Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01004"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "170be9f4-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-264"
}
],
"trust": 0.8
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.