Cleartext Base64 Transmission of Credentials in Tridium Niagara AX Framework

Cleartext Base64 Transmission of Credentials in Tridium Niagara AX Framework

CVE-2012-3025 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format for transmission of credentials in cookies, which allows remote attackers to obtain sensitive information by sniffing the network.

Learn more about our Network Penetration Testing.