CVE-2025-3943 | Tridium Niagara Framework/Niagara Enterprise Security up to 4.10.10/4.14.1/4.15.0 on Windows Query String get request method with sensitive query strings (EUVD-2025-16142)
A vulnerability was found in Tridium Niagara Framework and Niagara Enterprise Security up to 4.10.10/4.14.1/4.15.0 on Windows and classified as problematic. Affected by this issue is some unknown functionality of the component Query String Handler. The manipulation leads to use of get request method with sensitive query strings.
This vulnerability is handled as CVE-2025-3943. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.