Predictable Session IDs and Keys in Tridium Niagara AX Framework
CVE-2012-3024 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.
Learn more about our Web Application Penetration Testing UK.