Vulnerability Description
A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tridium | Niagara | >= 4.0, <= 4.4 |
| Tridium | Niagara Ax Framework | <= 3.8 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105101Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-191-03Third Party AdvisoryUS Government ResourceVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-022-01
- http://www.securityfocus.com/bid/105101Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-191-03Third Party AdvisoryUS Government ResourceVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-022-01
FAQ
What is CVE-2017-16744?
CVE-2017-16744 is a vulnerability with a CVSS score of 7.2 (HIGH). A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid pla...
How severe is CVE-2017-16744?
CVE-2017-16744 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16744?
Check the references section above for vendor advisories and patch information. Affected products include: Tridium Niagara, Tridium Niagara Ax Framework.