CVE-2017-16748

CVE-2017-16748

Vendor Ics-Cert
Product Niagara AX Framework and Niagara 4 Framework
Weakness CWE-287 · Improper authentication
Published August 20, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system.

Key dates

02Disclosure timeline

August 20, 2018 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE