Vulnerabilites related to johnsoncontrols - metasys_open_application_server
Vulnerability from fkie_nvd
Published
2022-04-15 17:15
Modified
2024-11-21 06:13
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Under certain circumstances the session token is not cleared on logout.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "269B868C-D8D5-4726-BD49-9B25DA149188",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA242516-72AD-4835-BE94-662CECD1DF78",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F46EAB9-4A55-4488-A7A2-79FE4B0CA66F",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02A5890-8965-4CB6-B009-9C741D4D97F4",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B43D40-5D24-4011-B5E3-676EF38C2751",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances the session token is not cleared on logout."
},
{
"lang": "es",
"value": "Bajo determinadas circunstancias el token de sesi\u00f3n no es borrado al cerrar la sesi\u00f3n"
}
],
"id": "CVE-2021-36205",
"lastModified": "2024-11-21T06:13:18.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-15T17:15:08.517",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-07 20:15
Modified
2024-11-21 06:13
Severity ?
8.4 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "269B868C-D8D5-4726-BD49-9B25DA149188",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA242516-72AD-4835-BE94-662CECD1DF78",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F46EAB9-4A55-4488-A7A2-79FE4B0CA66F",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02A5890-8965-4CB6-B009-9C741D4D97F4",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B43D40-5D24-4011-B5E3-676EF38C2751",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en Johnson Controls Metasys podr\u00eda permitir a un atacante autenticado inyectar c\u00f3digo malicioso en la funci\u00f3n de exportaci\u00f3n de PDF de MUI. Este problema afecta a: Johnson Controls Metasys Todas las versiones 10 anteriores a 10.1.5; Todas las versiones 11 anteriores a 11.0.2"
}
],
"id": "CVE-2021-36202",
"lastModified": "2024-11-21T06:13:18.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-07T20:15:09.030",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-22 15:15
Modified
2024-11-21 06:13
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02 | Mitigation, Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7580CF-9B2D-441F-9F87-2D3AA0972F65",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA242516-72AD-4835-BE94-662CECD1DF78",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3A978D-692C-4023-8A2E-B1F28B57763B",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02A5890-8965-4CB6-B009-9C741D4D97F4",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA185C2A-D5DE-4346-A409-0C457D72848D",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B43D40-5D24-4011-B5E3-676EF38C2751",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users."
},
{
"lang": "es",
"value": "Bajo determinadas circunstancias, un usuario no autenticado podr\u00eda acceder a la API web para las versiones de Metasys ADS/ADX/OAS versiones 10 anteriores a 10.1.6 y 11 anteriores a 11.0.2 y enumerar usuarios"
}
],
"id": "CVE-2021-36200",
"lastModified": "2024-11-21T06:13:18.243",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-22T15:15:07.910",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-06 16:15
Modified
2024-11-21 06:45
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01 | Mitigation, Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "269B868C-D8D5-4726-BD49-9B25DA149188",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA242516-72AD-4835-BE94-662CECD1DF78",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F46EAB9-4A55-4488-A7A2-79FE4B0CA66F",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02A5890-8965-4CB6-B009-9C741D4D97F4",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B43D40-5D24-4011-B5E3-676EF38C2751",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2."
},
{
"lang": "es",
"value": "En determinadas circunstancias, un usuario autenticado podr\u00eda bloquear a otros usuarios del sistema o hacerse con sus cuentas en Metasys ADS/ADX/OAS server 10 versiones anteriores a la 10.1.5 y Metasys ADS/ADX/OAS server 11 anteriores a 11.0.2"
}
],
"id": "CVE-2022-21934",
"lastModified": "2024-11-21T06:45:44.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-06T16:15:14.560",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-620"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-10 20:15
Modified
2024-11-21 05:39
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| productsecurity@jci.com | https://www.us-cert.gov/ics/advisories/icsa-20-070-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE23B26-D034-4970-8848-B43F2E41389F",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:lite:*:*:*",
"matchCriteriaId": "3C0620E4-119B-481C-BDAA-BC937C95E83E",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E496E16F-E3AE-4283-8DCF-A3D6F5A706CE",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_lonworks_control_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "263A24F9-B037-4BC5-9314-096D95656650",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB603510-C12B-4B2B-A02F-5466A55F8B74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71968137-C008-437F-8C21-4A4ED0B7E56C",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_system_configuration_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F56178B0-3FE7-461D-ADA2-54462A6D7B46",
"versionEndIncluding": "13.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB854EA-B50A-4F40-A4D8-FFB8853D76E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE91E65D-F366-4B12-B38C-86CFF8022E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2F47CB-E7EB-49C8-8B9F-3B30A42AD24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "52D4A61B-C0B1-41EC-80F2-9BA6C630C29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4F236C62-19F6-4E3D-9FD5-BF0CFD438E35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nae55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B3C3A-BB07-4BC2-B3DB-1C0DEA374251",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F20C9A-86A1-4402-ACA5-5FFEB9470788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "652D8597-9F8A-4FA3-9EA9-8BB26C2953DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "18DC2810-E54D-4EAC-A7B1-7B88AFF16935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C263049B-9173-469D-BDF8-1D6B61A2BA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "70664E20-DC56-4AFA-9E9A-5BA794FD6080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nie55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9407D2BB-6929-47D8-8B2F-F013EBC607E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA16884-A626-4483-ABB6-EC7059B1A549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFF546D-7FCA-4EC1-9E85-086D9FBBD468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "320A2B91-2E96-45C4-86A5-3B575E4A9A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "91D52CD2-381E-4625-A9D9-BED66E8CD96F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13D8F48D-153D-4642-A81A-04A08AC59314",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nie59:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1902A4F3-0902-40A3-992B-254BEB6BE555",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae85_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8708B37B-CEB2-4CFC-A6B4-46C5805A4B81",
"versionEndIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nae85:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E484FC0C-DB0A-428C-9D03-4B6EED9A5C8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nie85_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B53A40F-C2D2-4A00-81C7-3AD82CE6B9CC",
"versionEndIncluding": "10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nie85:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46B1775A-BFB4-469F-8E95-EF22F539E0B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4067014-451C-489A-B2D5-82F027080047",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:nae55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B3C3A-BB07-4BC2-B3DB-1C0DEA374251",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:ul_864_uukl_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49FB882E-9263-46EB-8734-36B13F2BA7AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:ul_864_uukl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90B22EEA-266F-4117-995A-B8AD850E58D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:johnsoncontrols:ord-c100-13_uuklc_firmware:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05874312-36F3-4CAF-85EA-550A2E21529C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:johnsoncontrols:ord-c100-13_uuklc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A419B6-62AC-4ADA-A84F-F183BA76DDC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
},
{
"lang": "es",
"value": "Hay la vulnerabilidad de tipo XXE, en la familia de productos Web Services de Metasys, que tiene el potencial de facilitar ataques de DoS o la recolecci\u00f3n de archivos de servidor ASCII. Esto afecta a Metasys Application and Data Server (ADS, ADS-Lite) versiones 10.1 y anteriores; Metasys Extended Application and Data Server (ADX) versiones 10.1 y anteriores; Metasys Open Data Server (ODS) versiones 10.1 y anteriores; Metasys Open Application Server (OAS) versi\u00f3n 10.1; Metasys Network Automation Engine (solo NAE55) versiones 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versiones 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versiones 10.1 y anteriores; Metasys LonWorks Control Server (LCS) versiones 10.1 y anteriores; Metasys System Configuration Tool (SCT) versiones 13.2 y anteriores; Metasys Snake Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edici\u00f3n Listad) versi\u00f3n 8.1, todas de Johnson Control."
}
],
"id": "CVE-2020-9044",
"lastModified": "2024-11-21T05:39:53.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-10T20:15:22.197",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-29 17:15
Modified
2024-11-21 06:13
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "269B868C-D8D5-4726-BD49-9B25DA149188",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA242516-72AD-4835-BE94-662CECD1DF78",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F46EAB9-4A55-4488-A7A2-79FE4B0CA66F",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02A5890-8965-4CB6-B009-9C741D4D97F4",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16B43D40-5D24-4011-B5E3-676EF38C2751",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator."
},
{
"lang": "es",
"value": "Bajo determinadas circunstancias una administraci\u00f3n de privilegios inapropiada en los servidores Metasys ADS/ADX/OAS versiones 10 y 11, podr\u00eda permitir a un usuario autenticado elevar sus privilegios a administrador"
}
],
"id": "CVE-2021-36207",
"lastModified": "2024-11-21T06:13:19.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-29T17:15:19.777",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 20:15
Modified
2024-11-21 06:45
Severity ?
7.5 (High) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7D6966-7384-435E-8149-F12123042AC0",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C801ABDD-1BEB-43E9-9130-2BA854EFC66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E47FE4-E401-40C1-B6CE-0631A6F0987C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5F564D-9430-421D-9BCD-3AFA40503FBB",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BDB2A-DC14-48F5-BB81-6908FE1DC0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "066D677E-470D-4356-B167-7888C097FA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE893FEE-07B1-4ABD-ADAF-24BB6129B6B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B886EFC1-5226-493D-9C7C-363DFFBBA4F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Metasys ADS/ADX/OAS 10 versiones anteriores a 10.1.5 y en Metasys ADS/ADX/OAS 11 versiones anteriores a 11.0.2, permite un cambio de contrase\u00f1a no verificado"
}
],
"id": "CVE-2022-21935",
"lastModified": "2024-11-21T06:45:44.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T20:15:17.627",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-620"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-13 21:15
Modified
2024-11-21 06:13
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7580CF-9B2D-441F-9F87-2D3AA0972F65",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "262BBB40-E1BB-4C89-B92F-0B43FBF0B64C",
"versionEndExcluding": "11.0.3",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3A978D-692C-4023-8A2E-B1F28B57763B",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CD5BAD-C152-4740-B289-206777A4B918",
"versionEndExcluding": "11.0.3",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA185C2A-D5DE-4346-A409-0C457D72848D",
"versionEndExcluding": "10.1.6",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A5399D-16B3-4C4A-ADB2-791BD1449B0F",
"versionEndExcluding": "11.0.3",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text."
},
{
"lang": "es",
"value": "En algunas circunstancias, una vulnerabilidad de credenciales insuficientemente protegidas en Johnson Controls Metasys ADS/ADX/OAS versiones 10 anteriores a 10.1.6 y 11 versiones anteriores a 11.0.3 permite que las llamadas API expongan credenciales en texto plano."
}
],
"id": "CVE-2021-36204",
"lastModified": "2024-11-21T06:13:18.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-13T21:15:15.360",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 20:15
Modified
2024-11-21 06:45
Severity ?
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7D6966-7384-435E-8149-F12123042AC0",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C801ABDD-1BEB-43E9-9130-2BA854EFC66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E47FE4-E401-40C1-B6CE-0631A6F0987C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5F564D-9430-421D-9BCD-3AFA40503FBB",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BDB2A-DC14-48F5-BB81-6908FE1DC0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "066D677E-470D-4356-B167-7888C097FA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE893FEE-07B1-4ABD-ADAF-24BB6129B6B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B886EFC1-5226-493D-9C7C-363DFFBBA4F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface."
},
{
"lang": "es",
"value": "Bajo determinadas circunstancias, una vulnerabilidad en Metasys ADS/ADX/OAS 10 versiones anteriores a 10.1.5 y Metasys ADS/ADX/OAS 11versiones anteriores a 11.0.2 podr\u00eda permitir a un usuario inyectar c\u00f3digo malicioso en la interfaz web"
}
],
"id": "CVE-2022-21937",
"lastModified": "2024-11-21T06:45:44.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T20:15:17.687",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-15 21:15
Modified
2024-11-21 06:45
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productsecurity@jci.com | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7D6966-7384-435E-8149-F12123042AC0",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C801ABDD-1BEB-43E9-9130-2BA854EFC66C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E47FE4-E401-40C1-B6CE-0631A6F0987C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5F564D-9430-421D-9BCD-3AFA40503FBB",
"versionEndIncluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5BDB2A-DC14-48F5-BB81-6908FE1DC0E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "066D677E-470D-4356-B167-7888C097FA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D",
"versionEndExcluding": "10.1.5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE893FEE-07B1-4ABD-ADAF-24BB6129B6B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B886EFC1-5226-493D-9C7C-363DFFBBA4F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface."
},
{
"lang": "es",
"value": "Bajo determinadas circunstancias, una vulnerabilidad en Metasys ADS/ADX/OAS 10 versiones anteriores a 10.1.5 y en Metasys ADS/ADX/OAS 11 versiones anteriores a 11.0.2, podr\u00eda permitir a un usuario inyectar c\u00f3digo malicioso en la interfaz web de MUI Graphics"
}
],
"id": "CVE-2022-21938",
"lastModified": "2024-11-21T06:45:44.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 5.8,
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T21:15:09.190",
"references": [
{
"source": "productsecurity@jci.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "productsecurity@jci.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
}
],
"sourceIdentifier": "productsecurity@jci.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productsecurity@jci.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-21935 (GCVE-0-2022-21935)
Vulnerability from cvelistv5
Published
2022-06-15 19:57
Modified
2024-09-16 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-620 - Unverified Password Change
Summary
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620 Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:57:01",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Metasys password guessing",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21935",
"STATE": "PUBLIC",
"TITLE": "Metasys password guessing"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620 Unverified Password Change"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21935",
"datePublished": "2022-06-15T19:57:01.029262Z",
"dateReserved": "2021-12-15T00:00:00",
"dateUpdated": "2024-09-16T19:57:26.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36202 (GCVE-0-2021-36202)
Vulnerability from cvelistv5
Published
2022-04-07 19:12
Modified
2024-09-17 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony West"
}
],
"datePublic": "2022-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-07T19:13:04",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys UI",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-07T13:07:00.000Z",
"ID": "CVE-2021-36202",
"STATE": "PUBLIC",
"TITLE": "Metasys UI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Tony West"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918: Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36202",
"datePublished": "2022-04-07T19:12:48.421855Z",
"dateReserved": "2021-07-06T00:00:00",
"dateUpdated": "2024-09-17T01:50:52.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36207 (GCVE-0-2021-36207)
Vulnerability from cvelistv5
Published
2022-04-29 16:39
Modified
2024-09-17 00:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-29T16:39:14",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 10 with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 11 with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys privilege management",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-28T18:39:00.000Z",
"ID": "CVE-2021-36207",
"STATE": "PUBLIC",
"TITLE": "Metasys privilege management"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 10 with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS Servers versions 11 with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36207",
"datePublished": "2022-04-29T16:39:14.893525Z",
"dateReserved": "2021-07-06T00:00:00",
"dateUpdated": "2024-09-17T00:11:33.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36204 (GCVE-0-2021-36204)
Vulnerability from cvelistv5
Published
2023-01-13 00:00
Modified
2025-04-07 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-522 - Insufficiently Protected Credentials
Summary
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS |
Version: All 10 versions < 10.1.6 Version: All 11 versions < 11.0.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:51.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-36204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T19:45:28.404334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T19:45:35.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.6",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.3",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-13T00:00:00.000Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-06"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.3."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Insufficiently Protected Credentials in Metasys ",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36204",
"datePublished": "2023-01-13T00:00:00.000Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2025-04-07T19:45:35.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36200 (GCVE-0-2021-36200)
Vulnerability from cvelistv5
Published
2022-07-22 14:55
Modified
2024-09-16 17:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.6 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.6",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alessandro Bosco, Luca Di Giuseppe, Stefano Scipioni, and Massimiliano Brolli of TIM Security Red Team Research"
}
],
"datePublic": "2022-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T14:55:52",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys ADS/ADX/OAS with MUI",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-07-21T18:57:00.000Z",
"ID": "CVE-2021-36200",
"STATE": "PUBLIC",
"TITLE": "Metasys ADS/ADX/OAS with MUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.6"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Alessandro Bosco, Luca Di Giuseppe, Stefano Scipioni, and Massimiliano Brolli of TIM Security Red Team Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.6"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36200",
"datePublished": "2022-07-22T14:55:52.577138Z",
"dateReserved": "2021-07-06T00:00:00",
"dateUpdated": "2024-09-16T17:07:41.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21937 (GCVE-0-2022-21937)
Vulnerability from cvelistv5
Published
2022-06-15 19:37
Modified
2024-09-16 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:37:55",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys CSS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21937",
"STATE": "PUBLIC",
"TITLE": "Metasys CSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21937",
"datePublished": "2022-06-15T19:37:55.529400Z",
"dateReserved": "2021-12-15T00:00:00",
"dateUpdated": "2024-09-16T18:23:37.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21938 (GCVE-0-2022-21938)
Vulnerability from cvelistv5
Published
2022-06-15 20:15
Modified
2024-09-16 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T20:15:35",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys MUI Graphics XSS",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-06-14T19:41:00.000Z",
"ID": "CVE-2022-21938",
"STATE": "PUBLIC",
"TITLE": "Metasys MUI Graphics XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21938",
"datePublished": "2022-06-15T20:15:35.912518Z",
"dateReserved": "2021-12-15T00:00:00",
"dateUpdated": "2024-09-16T17:19:16.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21934 (GCVE-0-2022-21934)
Vulnerability from cvelistv5
Published
2022-05-06 15:55
Modified
2024-09-16 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-620 - Unverified Password Change
Summary
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys ADS/ADX/OAS server |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:00:54.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys ADS/ADX/OAS server",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620: Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-06T15:55:23",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Metasys Unverified Password Change",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-05-05T19:36:00.000Z",
"ID": "CVE-2022-21934",
"STATE": "PUBLIC",
"TITLE": "Metasys Unverified Password Change"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys ADS/ADX/OAS server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620: Unverified Password Change"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2022-21934",
"datePublished": "2022-05-06T15:55:23.784773Z",
"dateReserved": "2021-12-15T00:00:00",
"dateUpdated": "2024-09-16T18:24:30.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36205 (GCVE-0-2021-36205)
Vulnerability from cvelistv5
Published
2022-04-15 16:24
Modified
2024-09-16 23:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-459 - Incomplete Cleanup
Summary
Under certain circumstances the session token is not cleared on logout.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Metasys |
Version: All 10 versions < 10.1.5 Version: All 11 versions < 11.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "10.1.5",
"status": "affected",
"version": "All 10 versions",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "All 11 versions",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain circumstances the session token is not cleared on logout."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459: Incomplete Cleanup",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-15T16:24:48",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys session token",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"DATE_PUBLIC": "2022-04-14T20:43:00.000Z",
"ID": "CVE-2021-36205",
"STATE": "PUBLIC",
"TITLE": "Metasys session token"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All 10 versions",
"version_value": "10.1.5"
},
{
"version_affected": "\u003c",
"version_name": "All 11 versions",
"version_value": "11.0.2"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain circumstances the session token is not cleared on logout."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-459: Incomplete Cleanup"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5"
},
{
"lang": "en",
"value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2021-36205",
"datePublished": "2022-04-15T16:24:48.570137Z",
"dateReserved": "2021-07-06T00:00:00",
"dateUpdated": "2024-09-16T23:41:01.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9044 (GCVE-0-2020-9044)
Vulnerability from cvelistv5
Published
2020-03-10 19:28
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - - Information Leak Through XML External Entity File Disclosure
Summary
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys Application and Data Server (ADS, ADS-Lite)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Extended Application and Data Server (ADX)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Data Server (ODS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Application Server (OAS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 10.1"
}
]
},
{
"product": "Metasys Network Automation Engine (NAE55 only)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys Network Integration Engine (NIE55/NIE59)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys NAE85 and NIE85",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys LonWorks Control Server (LCS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 13.2 and prior"
}
]
},
{
"product": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lukasz Rupala"
}
],
"descriptions": [
{
"lang": "en",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 - Information Leak Through XML External Entity File Disclosure ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-10T19:28:30",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"solutions": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys Improper Restriction of XML External Entity Reference",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"ID": "CVE-2020-9044",
"STATE": "PUBLIC",
"TITLE": "Metasys Improper Restriction of XML External Entity Reference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys Application and Data Server (ADS, ADS-Lite)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Extended Application and Data Server (ADX)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Data Server (ODS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Application Server (OAS)",
"version": {
"version_data": [
{
"version_value": "version 10.1"
}
]
}
},
{
"product_name": "Metasys Network Automation Engine (NAE55 only)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys Network Integration Engine (NIE55/NIE59)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys NAE85 and NIE85",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys LonWorks Control Server (LCS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys System Configuration Tool (SCT)",
"version": {
"version_data": [
{
"version_value": "versions 13.2 and prior"
}
]
}
},
{
"product_name": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"version": {
"version_data": [
{
"version_value": "version 8.1"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lukasz Rupala"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 - Information Leak Through XML External Entity File Disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
]
},
"solution": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2020-9044",
"datePublished": "2020-03-10T19:28:30",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}