CVE-2020-14483
Description
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110) and Niagara Enterprise Security (Versions 2.4.31, 2.4.45, 4.8.0.35) to correct.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.114
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-18985,CVE-2020-14483 are affected in Tridium Niagara Framework 4.6.96.28 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Enterprise Security 2.4.31 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Enterprise Security 2.4.45 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Enterprise Security 4.8.0.35 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Framework 4.7.109.20 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Framework 4.7.110.32 | Windows |
| Vulnerabilities CVE-2020-14483 are affected in Tridium Niagara Framework 4.8.0.110 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234