Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
46 vulnerabilities by johnsoncontrols
CVE-2026-21661 (GCVE-0-2026-21661)
Vulnerability from cvelistv5 – Published: 2026-05-06 16:21 – Updated: 2026-05-06 19:02
VLAI
Title
AC2000 Uncontrolled Search Path Element
Summary
Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths.
This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| JohnsonControls | AC2000 |
Affected:
10.6 , < release 10
(custom)
Affected: 11.0 , < release 9 (custom) Affected: 12 , < release 3 (custom) |
Date Public
2026-05-05 04:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T18:57:03.955511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T19:02:28.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "AC2000",
"vendor": "JohnsonControls",
"versions": [
{
"lessThan": "release 10",
"status": "affected",
"version": "10.6",
"versionType": "custom"
},
{
"lessThan": "release 9",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "release 3",
"status": "affected",
"version": "12",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:ac2000:*:*:windows:*:*:*:*:*",
"versionEndExcluding": "release_10",
"versionStartIncluding": "10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:ac2000:*:*:windows:*:*:*:*:*",
"versionEndExcluding": "release_9",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:ac2000:*:*:windows:*:*:*:*:*",
"versionEndExcluding": "release_3",
"versionStartIncluding": "12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-05-05T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths.\u003cp\u003eThis issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3.\u003c/p\u003e"
}
],
"value": "Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths.\n\nThis issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3."
}
],
"impacts": [
{
"capecId": "CAPEC-38",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T16:21:13.885Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AC2000 Uncontrolled Search Path Element",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2026-21661",
"datePublished": "2026-05-06T16:21:13.885Z",
"dateReserved": "2026-01-02T13:23:28.170Z",
"dateUpdated": "2026-05-06T19:02:28.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32862 (GCVE-0-2024-32862)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:57 – Updated: 2024-08-02 14:58
VLAI
Title
exacqVision CORS
Summary
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
|
| johnsoncontrols | exacqvision_web_service |
Affected:
0 , ≤ 24.03
(custom)
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:* |
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "exacqvision_web_service",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:54:54.809433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:58:44.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cp\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.055);\"\u003eUnder certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains. \u003c/span\u003e\n\n\u003c/p\u003e\n\n\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942 Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:57:13.093Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVision CORS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32862",
"datePublished": "2024-08-01T21:57:13.093Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:58:44.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32758 (GCVE-0-2024-32758)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:50 – Updated: 2024-08-06 20:35
VLAI
Title
exacqVision - Key exchanges
Summary
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0
(custom)
|
|
| johnsoncontrols | exacqvision_server |
Affected:
0 , < *
(custom)
cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:*:* |
|
| johnsoncontrols | exacqvision_client |
Affected:
0 , < *
(custom)
cpe:2.3:a:johnsoncontrols:exacqvision_client:*:*:*:*:*:*:*:* |
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_server",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_client",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T20:29:29.999907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:07.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cp\u003eUnder certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange\u003c/p\u003e\n\n\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange"
}
],
"impacts": [
{
"capecId": "CAPEC-277",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-277: Data Interchange Protocol Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326: Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:50:16.134Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eFollow the guidance provided on the exacqVision Hardening Guide under the Password Strengthening section at \u003c/span\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.johnsoncontrols.com/trust-center/cybersecurity/resources.\"\u003ehttps://www.johnsoncontrols.com/trust-center/cybersecurity/resources.\u003c/a\u003e \n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Follow the guidance provided on the exacqVision Hardening Guide under the Password Strengthening section at \n https://www.johnsoncontrols.com/trust-center/cybersecurity/resources."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVision - Key exchanges",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32758",
"datePublished": "2024-08-01T21:50:16.134Z",
"dateReserved": "2024-04-17T17:26:35.181Z",
"dateUpdated": "2024-08-06T20:35:07.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32931 (GCVE-0-2024-32931)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:18 – Updated: 2024-08-06 20:35
VLAI
Title
exacqVison - Token Disclosed in URL
Summary
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-598 - - Use of GET Request Method With Sensitive Query Strings
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T20:35:29.938795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:43.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUnder certain circumstances the exacqVision Web Service can expose authentication token details within communications.\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Web Service can expose authentication token details within communications."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593: Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-598",
"description": "CWE-598 - Use of GET Request Method With Sensitive Query Strings",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.426Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-06"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - Token Disclosed in URL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32931",
"datePublished": "2024-08-01T21:18:07.426Z",
"dateReserved": "2024-04-19T17:27:45.230Z",
"dateUpdated": "2024-08-06T20:35:43.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32865 (GCVE-0-2024-32865)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:13 – Updated: 2024-08-02 14:36
VLAI
Title
exacqVison - TLS certificate validation
Summary
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
|
| johnsoncontrols | exacqvision_server |
Affected:
0 , ≤ 24.03
(custom)
cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:x86:* |
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:x86:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_server",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:13:28.853898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:36:24.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003eUnder certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices. \u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94: Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:13:24.868Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate exacqVision Server and exacqVision Client to version 24.06\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Server and exacqVision Client to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - TLS certificate validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32865",
"datePublished": "2024-08-01T21:13:24.868Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:36:24.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32864 (GCVE-0-2024-32864)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:08 – Updated: 2024-08-05 19:10
VLAI
Title
exacqVison - HTTPS Session Establishment
Summary
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T19:09:54.953664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T19:10:10.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)\u003c/span\u003e"
}
],
"value": "Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)"
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117: Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 - Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:08:02.220Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - HTTPS Session Establishment",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32864",
"datePublished": "2024-08-01T21:08:02.220Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-05T19:10:10.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32863 (GCVE-0-2024-32863)
Vulnerability from cvelistv5 – Published: 2024-08-01 20:59 – Updated: 2024-08-02 14:59
VLAI
Title
exacqVison - CSRF issues with Web Service
Summary
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
|
| johnsoncontrols | exacqvision_web_service |
Affected:
0 , ≤ 24.03
(custom)
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:* |
Date Public
2024-08-01 16:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_web_service",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:57:46.260348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:59:25.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUnder certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)\u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)"
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176: Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T20:59:34.089Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update exacqVision Web Service to version 24.06\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - CSRF issues with Web Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32863",
"datePublished": "2024-08-01T20:59:34.089Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:59:25.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0912 (GCVE-0-2024-0912)
Vulnerability from cvelistv5 – Published: 2024-06-05 23:23 – Updated: 2024-08-01 18:18
VLAI
Title
CCURE passwords exposed to administrators
Summary
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Software House C•CURE 9000 |
Affected:
0 , ≤ 2.90
(custom)
|
|
| johnsoncontrols | c-cure_9000_firmware |
Affected:
3.00.2
cpe:2.3:a:johnsoncontrols:c-cure_9000_firmware:3.00.2:*:*:*:*:*:*:* |
Date Public
2024-05-14 23:05
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:c-cure_9000_firmware:3.00.2:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "c-cure_9000_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "3.00.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T13:26:19.917096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:29:07.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Software House C\u2022CURE 9000",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-05-14T23:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions\u003c/span\u003e\n\n"
}
],
"value": "Under certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions"
}
],
"impacts": [
{
"capecId": "CAPEC-560",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-560 Use of Known Domain Credentials"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T23:24:21.753Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\u003cbr\u003e\u003c/p\u003e\u003cp\u003eChange the password for the impacted windows accounts.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\"\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\n\n\nChange the password for the impacted windows accounts.\n\n\nDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\""
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CCURE passwords exposed to administrators",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-0912",
"datePublished": "2024-06-05T23:23:24.863Z",
"dateReserved": "2024-01-25T21:48:54.313Z",
"dateUpdated": "2024-08-01T18:18:18.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3749 (GCVE-0-2023-3749)
Vulnerability from cvelistv5 – Published: 2023-08-03 19:40 – Updated: 2024-10-09 20:11
VLAI
Title
VideoEdge config
Summary
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sensormatic Electronics, a subsidiary of Johnson Controls, Inc. | VideoEdge |
Affected:
0 , < 6.1.1
(custom)
|
Date Public
2023-08-03 19:33
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:35:44.210466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:11:19.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VideoEdge",
"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.",
"versions": [
{
"lessThan": "6.1.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-08-03T19:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation."
}
],
"value": "A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-349",
"description": "CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T19:40:05.497Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update VideoEdge to version 6.1.1.\u003cbr\u003eThe update can be downloaded from \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.americandynamics.net\"\u003ewww.americandynamics.net\u003c/a\u003e under Support/Software Downloads/Network Video Recorders.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Update VideoEdge to version 6.1.1.\nThe update can be downloaded from www.americandynamics.net http://www.americandynamics.net under Support/Software Downloads/Network Video Recorders.\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "VideoEdge config",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-3749",
"datePublished": "2023-08-03T19:40:05.497Z",
"dateReserved": "2023-07-18T14:49:50.889Z",
"dateUpdated": "2024-10-09T20:11:19.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2025 (GCVE-0-2023-2025)
Vulnerability from cvelistv5 – Published: 2023-05-18 20:50 – Updated: 2025-02-12 16:27
VLAI
Title
Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector
Summary
OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
Severity
5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | OpenBlue Enterprise Manager Data Collector |
Affected:
0 , < 3.2.5.75
(custom)
|
Date Public
2023-05-18 20:41
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2025",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T16:27:41.285682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:27:48.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenBlue Enterprise Manager Data Collector",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "3.2.5.75",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
}
],
"datePublic": "2023-05-18T20:41:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
}
],
"value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T20:50:36.726Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
}
],
"value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
}
],
"value": "Contact your Customer Success Manager to obtain the update.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-2025",
"datePublished": "2023-05-18T20:50:36.726Z",
"dateReserved": "2023-04-13T15:11:24.430Z",
"dateUpdated": "2025-02-12T16:27:48.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2024 (GCVE-0-2023-2024)
Vulnerability from cvelistv5 – Published: 2023-05-18 20:45 – Updated: 2025-02-12 16:27
VLAI
Title
Improper Authentication for OpenBlue Enterprise Manager Data Collector
Summary
Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | OpenBlue Enterprise Manager Data Collector |
Affected:
0 , < 3.2.5.75
(custom)
|
Date Public
2023-05-18 20:41
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2024",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T20:09:01.151668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:27:08.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenBlue Enterprise Manager Data Collector",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "3.2.5.75",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
}
],
"datePublic": "2023-05-18T20:41:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
}
],
"value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T20:45:01.376Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
}
],
"value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
}
],
"value": "Contact your Customer Success Manager to obtain the update.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Authentication for OpenBlue Enterprise Manager Data Collector",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-2024",
"datePublished": "2023-05-18T20:45:01.376Z",
"dateReserved": "2023-04-13T15:11:18.916Z",
"dateUpdated": "2025-02-12T16:27:08.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21940 (GCVE-0-2022-21940)
Vulnerability from cvelistv5 – Published: 2023-02-09 20:54 – Updated: 2025-03-24 18:12
VLAI
Title
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in System Configuration Tool (SCT)
Summary
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | System Configuration Tool (SCT) |
Affected:
14 , < 14.2.3
(custom)
Affected: 15 , < 15.0.3 (custom) |
Date Public
2023-02-09 18:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:53.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21940",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T18:12:06.969930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T18:12:16.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "14.2.3",
"status": "affected",
"version": "14",
"versionType": "custom"
},
{
"lessThan": "15.0.3",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-09T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie."
}
],
"value": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie."
}
],
"impacts": [
{
"capecId": "CAPEC-212",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-212 Functionality Misuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-614",
"description": "CWE-614: Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-09T20:54:02.226Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update SCT version 14 with patch 14.2.3"
}
],
"value": "Update SCT version 14 with patch 14.2.3"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update SCT version 15 with patch 15.0.3\u003cbr\u003e"
}
],
"value": "Update SCT version 15 with patch 15.0.3\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS)."
}
],
"value": "Contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS)."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute in System Configuration Tool (SCT)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21940",
"datePublished": "2023-02-09T20:54:02.226Z",
"dateReserved": "2021-12-15T20:21:18.771Z",
"dateUpdated": "2025-03-24T18:12:16.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21939 (GCVE-0-2022-21939)
Vulnerability from cvelistv5 – Published: 2023-02-09 20:49 – Updated: 2025-03-24 18:19
VLAI
Title
Sensitive cookie without 'HttpOnly' flag in System Configuration Tool (SCT)
Summary
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | System Configuration Tool (SCT) |
Affected:
14 , < 14.2.3
(custom)
Affected: 15 , < 15.0.3 (custom) |
Date Public
2023-02-09 18:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T18:19:02.093528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T18:19:12.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "14.2.3",
"status": "affected",
"version": "14",
"versionType": "custom"
},
{
"lessThan": "15.0.3",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-09T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie."
}
],
"value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie."
}
],
"impacts": [
{
"capecId": "CAPEC-212",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-212 Functionality Misuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1004",
"description": "CWE-1004: Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-09T20:49:17.442Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update SCT version 14 with patch 14.2.3"
}
],
"value": "Update SCT version 14 with patch 14.2.3"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update SCT version 15 with patch 15.0.3\u003cbr\u003e"
}
],
"value": "Update SCT version 15 with patch 15.0.3\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS)."
}
],
"value": "Contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS)."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sensitive cookie without \u0027HttpOnly\u0027 flag in System Configuration Tool (SCT)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21939",
"datePublished": "2023-02-09T20:49:17.442Z",
"dateReserved": "2021-12-15T20:21:18.770Z",
"dateUpdated": "2025-03-24T18:19:12.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36204 (GCVE-0-2021-36204)
Vulnerability from cvelistv5 – Published: 2023-01-13 00:00 – Updated: 2025-04-07 19:45
VLAI
Title
Insufficiently Protected Credentials in Metasys
Summary
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS |
Affected:
All 10 versions , < 10.1.6
(custom)
Affected: All 11 versions , < 11.0.3 (custom) |
Date Public
2023-01-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:51.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-36204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T19:45:28.404334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T19:45:35.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.6",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.3",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-13T00:00:00.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.3."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Insufficiently Protected Credentials in Metasys ",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36204",
"datePublished": "2023-01-13T00:00:00.000Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2025-04-07T19:45:35.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36206 (GCVE-0-2021-36206)
Vulnerability from cvelistv5 – Published: 2022-10-28 01:17 – Updated: 2025-05-05 14:37
VLAI
Title
CEVAS
Summary
All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | CEVAS |
Affected:
all versions prior to 1.01.46 , < 1.01.46
(custom)
|
Date Public
2022-10-25 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-05"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-36206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T14:37:31.041198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T14:37:46.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CEVAS",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "1.01.46",
"status": "affected",
"version": "all versions prior to 1.01.46",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Christian Vierschilling and Caroline Moesler reported this vulnerability to Johnson Controls, Inc."
}
],
"datePublic": "2022-10-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-28T00:00:00.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-05"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade CEVAS to version 1.01.46. Contact CKS for the upgrade."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CEVAS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36206",
"datePublished": "2022-10-28T01:17:27.885Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2025-05-05T14:37:46.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36200 (GCVE-0-2021-36200)
Vulnerability from cvelistv5 – Published: 2022-07-22 14:55 – Updated: 2024-09-16 17:07
VLAI
Title
Metasys ADS/ADX/OAS with MUI
Summary
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.
Severity
5.3 (Medium)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.6
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-07-21 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.6",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alessandro Bosco, Luca Di Giuseppe, Stefano Scipioni, and Massimiliano Brolli of TIM Security Red Team Research"
}
],
"datePublic": "2022-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T14:55:52.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys ADS/ADX/OAS with MUI",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-07-21T18:57:00.000Z",
"ID": "CVE-2021-36200",
"STATE": "PUBLIC",
"TITLE": "Metasys ADS/ADX/OAS with MUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.6"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Alessandro Bosco, Luca Di Giuseppe, Stefano Scipioni, and Massimiliano Brolli of TIM Security Red Team Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36200",
"datePublished": "2022-07-22T14:55:52.577Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:07:41.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21938 (GCVE-0-2022-21938)
Vulnerability from cvelistv5 – Published: 2022-06-15 20:15 – Updated: 2024-09-16 17:19
VLAI
Title
Metasys MUI Graphics XSS
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
Severity
8.1 (High)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T20:15:35.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys MUI Graphics XSS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21938",
"STATE": "PUBLIC",
"TITLE": "Metasys MUI Graphics XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21938",
"datePublished": "2022-06-15T20:15:35.912Z",
"dateReserved": "2021-12-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:19:16.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21935 (GCVE-0-2022-21935)
Vulnerability from cvelistv5 – Published: 2022-06-15 19:57 – Updated: 2024-09-16 19:57
VLAI
Title
Metasys password guessing
Summary
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.
Severity
7.5 (High)
CWE
- CWE-620 - Unverified Password Change
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620 Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:57:01.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Metasys password guessing",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21935",
"STATE": "PUBLIC",
"TITLE": "Metasys password guessing"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620 Unverified Password Change"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21935",
"datePublished": "2022-06-15T19:57:01.029Z",
"dateReserved": "2021-12-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:57:26.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21937 (GCVE-0-2022-21937)
Vulnerability from cvelistv5 – Published: 2022-06-15 19:37 – Updated: 2024-09-16 18:23
VLAI
Title
Metasys CSS
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.
Severity
8.7 (High)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:37:55.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys CSS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21937",
"STATE": "PUBLIC",
"TITLE": "Metasys CSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21937",
"datePublished": "2022-06-15T19:37:55.529Z",
"dateReserved": "2021-12-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:23:37.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21934 (GCVE-0-2022-21934)
Vulnerability from cvelistv5 – Published: 2022-05-06 15:55 – Updated: 2024-09-16 18:24
VLAI
Title
Metasys Unverified Password Change
Summary
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
Severity
CWE
- CWE-620 - Unverified Password Change
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620: Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-06T15:55:23.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Metasys Unverified Password Change",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-05-05T19:36:00.000Z",
"ID": "CVE-2022-21934",
"STATE": "PUBLIC",
"TITLE": "Metasys Unverified Password Change"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620: Unverified Password Change"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21934",
"datePublished": "2022-05-06T15:55:23.784Z",
"dateReserved": "2021-12-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:24:30.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36207 (GCVE-0-2021-36207)
Vulnerability from cvelistv5 – Published: 2022-04-29 16:39 – Updated: 2024-09-17 00:11
VLAI
Title
Metasys privilege management
Summary
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-29T16:39:14.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 10 with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 11 with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys privilege management",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-28T18:39:00.000Z",
"ID": "CVE-2021-36207",
"STATE": "PUBLIC",
"TITLE": "Metasys privilege management"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 10 with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 11 with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36207",
"datePublished": "2022-04-29T16:39:14.893Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:11:33.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36203 (GCVE-0-2021-36203)
Vulnerability from cvelistv5 – Published: 2022-04-22 14:44 – Updated: 2024-09-17 02:12
VLAI
Title
Johnson Controls Metasys SCT Pro
Summary
The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request.
Severity
5.3 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnnson Controls | Metasys System Configuration Tool (SCT) |
Affected:
All , < 14.2.2
(custom)
|
|
| Johnnson Controls | Metasys System Configuration Tool Pro (SCT Pro) |
Affected:
All , < 14.2.2
(custom)
|
Date Public
2022-04-21 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-111-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys System Configuration Tool (SCT)",
"vendor": "Johnnson Controls",
"versions": [
{
"lessThan": "14.2.2",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Metasys System Configuration Tool Pro (SCT Pro)",
"vendor": "Johnnson Controls",
"versions": [
{
"lessThan": "14.2.2",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony West and Scott Ponte reported this vulnerability to Johnson Controls. Johnson Controls reported this vulnerability to CISA."
}
],
"datePublic": "2022-04-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T19:29:50.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-111-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Johnson Controls recommends users take the following steps to mitigate this vulnerability:\n\nUpdate SCT/SCT Pro with Patch 14.2.2\nTake proper steps to minimize risks to all building automation systems.\nFor more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2022-03 v1"
}
],
"source": {
"advisory": "ICSA-22-111-02",
"discovery": "EXTERNAL"
},
"title": "Johnson Controls Metasys SCT Pro",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-21T17:00:00.000Z",
"ID": "CVE-2021-36203",
"STATE": "PUBLIC",
"TITLE": "Johnson Controls Metasys SCT Pro"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys System Configuration Tool (SCT)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "14.2.2"
}
]
}
},
{
"product_name": "Metasys System Configuration Tool Pro (SCT Pro)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "14.2.2"
}
]
}
}
]
},
"vendor_name": "Johnnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tony West and Scott Ponte reported this vulnerability to Johnson Controls. Johnson Controls reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-111-02",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-111-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Johnson Controls recommends users take the following steps to mitigate this vulnerability:\n\nUpdate SCT/SCT Pro with Patch 14.2.2\nTake proper steps to minimize risks to all building automation systems.\nFor more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2022-03 v1"
}
],
"source": {
"advisory": "ICSA-22-111-02",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36203",
"datePublished": "2022-04-22T14:44:10.638Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:12:16.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36205 (GCVE-0-2021-36205)
Vulnerability from cvelistv5 – Published: 2022-04-15 16:24 – Updated: 2024-09-16 23:41
VLAI
Title
Metasys session token
Summary
Under certain circumstances the session token is not cleared on logout.
Severity
8.1 (High)
CWE
- CWE-459 - Incomplete Cleanup
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-04-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances the session token is not cleared on logout."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459: Incomplete Cleanup",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T16:24:48.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys session token",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-14T20:43:00.000Z",
"ID": "CVE-2021-36205",
"STATE": "PUBLIC",
"TITLE": "Metasys session token"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances the session token is not cleared on logout."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-459: Incomplete Cleanup"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36205",
"datePublished": "2022-04-15T16:24:48.570Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:41:01.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26643 (GCVE-0-2022-26643)
Vulnerability from cvelistv5 – Published: 2022-04-13 13:28 – Updated: 2024-08-03 05:11
VLAI
Summary
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://cpt.com | x_refsource_MISC |
| http://easyio.com | x_refsource_MISC |
| https://gist.github.com/rvismit/3fd33b47a753e1b70… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:43.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cpt.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://easyio.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:28:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cpt.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://easyio.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cpt.com",
"refsource": "MISC",
"url": "http://cpt.com"
},
{
"name": "http://easyio.com",
"refsource": "MISC",
"url": "http://easyio.com"
},
{
"name": "https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496",
"refsource": "MISC",
"url": "https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26643",
"datePublished": "2022-04-13T13:28:18.000Z",
"dateReserved": "2022-03-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:11:43.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36202 (GCVE-0-2021-36202)
Vulnerability from cvelistv5 – Published: 2022-04-07 19:12 – Updated: 2024-09-17 01:50
VLAI
Title
Metasys UI
Summary
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2.
Severity
8.4 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Metasys |
Affected:
All 10 versions , < 10.1.5
(custom)
Affected: All 11 versions , < 11.0.2 (custom) |
Date Public
2022-04-07 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony West"
}
],
"datePublic": "2022-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-07T19:13:04.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys UI",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-07T13:07:00.000Z",
"ID": "CVE-2021-36202",
"STATE": "PUBLIC",
"TITLE": "Metasys UI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tony West"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918: Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36202",
"datePublished": "2022-04-07T19:12:48.421Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:50:52.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36199 (GCVE-0-2021-36199)
Vulnerability from cvelistv5 – Published: 2022-01-14 19:10 – Updated: 2024-09-16 18:44
VLAI
Title
VideoEdge
Summary
Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop.
Severity
5.3 (Medium)
CWE
- CWE-228 - Improper Handling of Syntactically Invalid Structure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://us-cert.gov/ics/advisories/ICSA-22-011-01 | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | VideoEdge |
Affected:
5.4.1 to 5.7.1
|
Date Public
2022-01-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.gov/ics/advisories/ICSA-22-011-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VideoEdge",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "5.4.1 to 5.7.1"
}
]
}
],
"datePublic": "2022-01-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-228",
"description": "CWE-228: Improper Handling of Syntactically Invalid Structure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:10:42.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.gov/ics/advisories/ICSA-22-011-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update VideoEdge with hot fix for versions 5.4.1 to 5.7.1 or upgrade VideoEdge to version 5.9."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "VideoEdge",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-01-11T19:30:00.000Z",
"ID": "CVE-2021-36199",
"STATE": "PUBLIC",
"TITLE": "VideoEdge"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VideoEdge",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "5.4.1 to 5.7.1",
"version_value": "5.4.1 to 5.7.1"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-228: Improper Handling of Syntactically Invalid Structure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.gov/ics/advisories/ICSA-22-011-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update VideoEdge with hot fix for versions 5.4.1 to 5.7.1 or upgrade VideoEdge to version 5.9."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36199",
"datePublished": "2022-01-14T19:10:42.869Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:44:18.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36198 (GCVE-0-2021-36198)
Vulnerability from cvelistv5 – Published: 2021-12-06 16:54 – Updated: 2024-09-16 16:38
VLAI
Title
Entrapass
Summary
Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
Severity
8.3 (High)
CWE
- CWE-200 - Information Exposure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://us-cert.gov/ics/advisories/ICSA-21-336-02 | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Entrapass |
Affected:
all versions prior to 8.40 , < 8.40
(custom)
|
Date Public
2021-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:51.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.gov/ics/advisories/ICSA-21-336-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Entrapass",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "8.40",
"status": "affected",
"version": "all versions prior to 8.40",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-06T16:54:42.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.gov/ics/advisories/ICSA-21-336-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade Entrapass to version 8.40."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Entrapass",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2021-12-02T21:34:00.000Z",
"ID": "CVE-2021-36198",
"STATE": "PUBLIC",
"TITLE": "Entrapass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Entrapass",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "all versions prior to 8.40",
"version_value": "8.40"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.gov/ics/advisories/ICSA-21-336-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade Entrapass to version 8.40."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36198",
"datePublished": "2021-12-06T16:54:42.792Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:38:54.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27665 (GCVE-0-2021-27665)
Vulnerability from cvelistv5 – Published: 2021-10-11 15:26 – Updated: 2024-09-17 02:53
VLAI
Title
exacqVision Server 32-bit
Summary
An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.
Severity
7.5 (High)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://us-cert.gov/ics/advisories/icsa-21-280-03 | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision Web Service |
Affected:
21.06.11.0 , ≤ 21.06.11.0
(custom)
|
Date Public
2021-10-07 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:10.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "exacqVision Web Service",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "21.06.11.0",
"status": "affected",
"version": "21.06.11.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tenable Research"
}
],
"datePublic": "2021-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-11T15:26:09.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-03"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade exacqVision Server 32-bit to version 21.09 or upgrade to exacqVision Server 64-bit\n\nCurrent users can obtain the critical software update from the Software Download location at: https://www.exacq.com/support/downloads.php"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "exacqVision Server 32-bit",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2021-10-07T18:16:00.000Z",
"ID": "CVE-2021-27665",
"STATE": "PUBLIC",
"TITLE": "exacqVision Server 32-bit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "exacqVision Web Service",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "21.06.11.0",
"version_value": "21.06.11.0"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tenable Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190: Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-03"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade exacqVision Server 32-bit to version 21.09 or upgrade to exacqVision Server 64-bit\n\nCurrent users can obtain the critical software update from the Software Download location at: https://www.exacq.com/support/downloads.php"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-27665",
"datePublished": "2021-10-11T15:26:09.316Z",
"dateReserved": "2021-02-24T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:53:35.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27664 (GCVE-0-2021-27664)
Vulnerability from cvelistv5 – Published: 2021-10-11 15:21 – Updated: 2024-09-17 03:55
VLAI
Title
exacqVision Web Service
Summary
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
Severity
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://us-cert.gov/ics/advisories/icsa-21-280-01 | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision Web Service |
Affected:
21.06.11.0 , ≤ 21.06.11.0
(custom)
|
Date Public
2021-10-07 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:10.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "exacqVision Web Service",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "21.06.11.0",
"status": "affected",
"version": "21.06.11.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tenable Research"
}
],
"datePublic": "2021-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-11T15:21:08.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade exacqVision Web Service to version 21.09.\n\nCurrent users can obtain the critical software update from the Software Download location at: https://www.exacq.com/support/downloads.php"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "exacqVision Web Service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2021-10-07T18:16:00.000Z",
"ID": "CVE-2021-27664",
"STATE": "PUBLIC",
"TITLE": "exacqVision Web Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "exacqVision Web Service",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "21.06.11.0",
"version_value": "21.06.11.0"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tenable Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.gov/ics/advisories/icsa-21-280-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade exacqVision Web Service to version 21.09.\n\nCurrent users can obtain the critical software update from the Software Download location at: https://www.exacq.com/support/downloads.php"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-27664",
"datePublished": "2021-10-11T15:21:08.472Z",
"dateReserved": "2021-02-24T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:55:00.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27659 (GCVE-0-2021-27659)
Vulnerability from cvelistv5 – Published: 2021-06-24 13:59 – Updated: 2024-09-16 18:34
VLAI
Title
exacqVision Web Service CSS
Summary
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
Severity
5.3 (Medium)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.johnsoncontrols.com/cyber-solutions/s… | x_refsource_CONFIRM |
| https://us-cert.gov/ics/advisories | third-party-advisoryx_refsource_CERT |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01 | third-party-advisoryx_refsource_CERT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | exacqVision Web Service |
Affected:
All versions up to and including 21.03 , ≤ 21.03
(custom)
|
Date Public
2021-06-24 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:10.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.gov/ics/advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "exacqVision Web Service",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "21.03",
"status": "affected",
"version": "All versions up to and including 21.03",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Milan Kyselica, Roman Stevanak"
}
],
"datePublic": "2021-06-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T15:25:00.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.gov/ics/advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade all previous versions of exacqVision Web Service to the latest version of 21.06.\n\nCurrent users can obtain the critical software update from the Software Downloads location at https://www.exacq.com/support/downloads.php."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "exacqVision Web Service CSS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2021-06-24T06:00:00.000Z",
"ID": "CVE-2021-27659",
"STATE": "PUBLIC",
"TITLE": "exacqVision Web Service CSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "exacqVision Web Service",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All versions up to and including 21.03",
"version_value": "21.03"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Milan Kyselica, Roman Stevanak"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.gov/ics/advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade all previous versions of exacqVision Web Service to the latest version of 21.06.\n\nCurrent users can obtain the critical software update from the Software Downloads location at https://www.exacq.com/support/downloads.php."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-27659",
"datePublished": "2021-06-24T13:59:12.883Z",
"dateReserved": "2021-02-24T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:34:21.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}