CVE-2017-16748
20.08.2018, 21:29
An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system.Enginsight
| Vendor | Product | Version |
|---|---|---|
| tridium | niagara | 𝑥 ≤ 4.4 |
| tridium | niagara_ax_framework | 𝑥 ≤ 3.8 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References