Authentication Bypass Vulnerability in Niagara AX and Niagara 4 Framework

Authentication Bypass Vulnerability in Niagara AX and Niagara 4 Framework

CVE-2017-16748 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system.

Learn more about our Web Application Penetration Testing UK.