Vulnerability Details CVE-2021-27659
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.3
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01
- https://us-cert.gov/ics/advisories
- https://www.johnsoncontrols.com/cyber-solutions/security-advisories
- https://us-cert.cisa.gov/ics/advisories/icsa-21-180-01
- https://us-cert.gov/ics/advisories
- https://www.johnsoncontrols.com/cyber-solutions/security-advisories
Products affected by CVE-2021-27659
-
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:-
-
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:20.06.11.0
-
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:20.06.3.0
-
cpe:2.3:a:johnsoncontrols:exacqvision_web_service:21.03