fkie_cve-2020-9044
Vulnerability from fkie_nvd
Published
2020-03-10 20:15
Modified
2024-11-21 05:39
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
References
▶ | URL | Tags | |
---|---|---|---|
productsecurity@jci.com | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
productsecurity@jci.com | https://www.us-cert.gov/ics/advisories/icsa-20-070-05 | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-05 | Third Party Advisory, US Government Resource |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CE23B26-D034-4970-8848-B43F2E41389F", "versionEndIncluding": "10.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:lite:*:*:*", "matchCriteriaId": "3C0620E4-119B-481C-BDAA-BC937C95E83E", "versionEndIncluding": "10.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "E496E16F-E3AE-4283-8DCF-A3D6F5A706CE", "versionEndIncluding": "10.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_lonworks_control_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "263A24F9-B037-4BC5-9314-096D95656650", "versionEndIncluding": "10.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB603510-C12B-4B2B-A02F-5466A55F8B74", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "71968137-C008-437F-8C21-4A4ED0B7E56C", "versionEndIncluding": "10.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:johnsoncontrols:metasys_system_configuration_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "F56178B0-3FE7-461D-ADA2-54462A6D7B46", "versionEndIncluding": "13.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5EB854EA-B50A-4F40-A4D8-FFB8853D76E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EE91E65D-F366-4B12-B38C-86CFF8022E48", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F2F47CB-E7EB-49C8-8B9F-3B30A42AD24B", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "52D4A61B-C0B1-41EC-80F2-9BA6C630C29D", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:9.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4F236C62-19F6-4E3D-9FD5-BF0CFD438E35", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nae55:-:*:*:*:*:*:*:*", "matchCriteriaId": "019B3C3A-BB07-4BC2-B3DB-1C0DEA374251", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7F20C9A-86A1-4402-ACA5-5FFEB9470788", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "652D8597-9F8A-4FA3-9EA9-8BB26C2953DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "18DC2810-E54D-4EAC-A7B1-7B88AFF16935", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C263049B-9173-469D-BDF8-1D6B61A2BA71", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie55_firmware:9.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "70664E20-DC56-4AFA-9E9A-5BA794FD6080", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nie55:-:*:*:*:*:*:*:*", "matchCriteriaId": "9407D2BB-6929-47D8-8B2F-F013EBC607E0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBA16884-A626-4483-ABB6-EC7059B1A549", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "ACFF546D-7FCA-4EC1-9E85-086D9FBBD468", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "320A2B91-2E96-45C4-86A5-3B575E4A9A55", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "91D52CD2-381E-4625-A9D9-BED66E8CD96F", "vulnerable": true }, { "criteria": "cpe:2.3:o:johnsoncontrols:nie59_firmware:9.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "13D8F48D-153D-4642-A81A-04A08AC59314", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nie59:-:*:*:*:*:*:*:*", "matchCriteriaId": "1902A4F3-0902-40A3-992B-254BEB6BE555", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nae85_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8708B37B-CEB2-4CFC-A6B4-46C5805A4B81", "versionEndIncluding": "10.1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nae85:-:*:*:*:*:*:*:*", "matchCriteriaId": "E484FC0C-DB0A-428C-9D03-4B6EED9A5C8D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nie85_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B53A40F-C2D2-4A00-81C7-3AD82CE6B9CC", "versionEndIncluding": "10.1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nie85:-:*:*:*:*:*:*:*", "matchCriteriaId": "46B1775A-BFB4-469F-8E95-EF22F539E0B0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:nae55_firmware:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4067014-451C-489A-B2D5-82F027080047", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:nae55:-:*:*:*:*:*:*:*", "matchCriteriaId": "019B3C3A-BB07-4BC2-B3DB-1C0DEA374251", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:ul_864_uukl_firmware:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "49FB882E-9263-46EB-8734-36B13F2BA7AC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:ul_864_uukl:-:*:*:*:*:*:*:*", "matchCriteriaId": "90B22EEA-266F-4117-995A-B8AD850E58D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:johnsoncontrols:ord-c100-13_uuklc_firmware:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "05874312-36F3-4CAF-85EA-550A2E21529C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:johnsoncontrols:ord-c100-13_uuklc:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6A419B6-62AC-4ADA-A84F-F183BA76DDC5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1." }, { "lang": "es", "value": "Hay la vulnerabilidad de tipo XXE, en la familia de productos Web Services de Metasys, que tiene el potencial de facilitar ataques de DoS o la recolecci\u00f3n de archivos de servidor ASCII. Esto afecta a Metasys Application and Data Server (ADS, ADS-Lite) versiones 10.1 y anteriores; Metasys Extended Application and Data Server (ADX) versiones 10.1 y anteriores; Metasys Open Data Server (ODS) versiones 10.1 y anteriores; Metasys Open Application Server (OAS) versi\u00f3n 10.1; Metasys Network Automation Engine (solo NAE55) versiones 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versiones 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versiones 10.1 y anteriores; Metasys LonWorks Control Server (LCS) versiones 10.1 y anteriores; Metasys System Configuration Tool (SCT) versiones 13.2 y anteriores; Metasys Snake Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edici\u00f3n Listad) versi\u00f3n 8.1, todas de Johnson Control." } ], "id": "CVE-2020-9044", "lastModified": "2024-11-21T05:39:53.377", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "productsecurity@jci.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-10T20:15:22.197", "references": [ { "source": "productsecurity@jci.com", "tags": [ "Vendor Advisory" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "source": "productsecurity@jci.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05" } ], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "productsecurity@jci.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…