Johnsoncontrols: Security Vulnerabilities
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
CVSS Score
6.4
EPSS Score
0.002
Published
2024-08-01
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
CVSS Score
6.8
EPSS Score
0.004
Published
2024-08-01
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
CVSS Score
8.5
EPSS Score
0.001
Published
2024-06-06
Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-02-08
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-12-14
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to
versions 11.0.6 and 12.0.4
and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-12-07
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.
CVSS Score
10.0
EPSS Score
0.001
Published
2023-11-10
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-08-03
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.
CVSS Score
8.3
EPSS Score
0.002
Published
2023-07-25
An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-11