exploitDog

GHSA-57j6-cjr9-cw4x

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.

Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.

Ссылки

EPSS

Процентиль: 50%

0.00266

Низкий

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2012-3024

nvd

больше 13 лет назад

Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.

EPSS

Процентиль: 50%

0.00266

Низкий

CVE ID

Дефекты

CWE-287