Vulnerability Change Records for CVE-2018-18985

Change History

CVE Modified by ICS-CERT 10/09/2019 7:37:31 PM

Action Type Old Value New Value
Added CWE

								
							
							
						
ICS-CERT CWE-79

CVE Modified by ICS-CERT 1/31/2019 7:29:00 PM

Action Type Old Value New Value
Changed Description
Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 contain a cross-site scripting vunerability that could allow remote attackers to inject code.
Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code to some web pages affecting confidentiality.

CVE Modified by ICS-CERT 1/30/2019 10:29:05 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/106530 [No Types Assigned]

Modified Analysis 3/05/2019 2:48:19 PM

Action Type Old Value New Value
Changed Reference Type
http://www.securityfocus.com/bid/106530 Third Party Advisory
http://www.securityfocus.com/bid/106530 Third Party Advisory, VDB Entry