Johnsoncontrols: Security Vulnerabilities
The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-04-22
Under certain circumstances the session token is not cleared on logout.
CVSS Score
8.1
EPSS Score
0.003
Published
2022-04-15
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-04-13
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2.
CVSS Score
8.4
EPSS Score
0.002
Published
2022-04-07
Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-01-14
Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
CVSS Score
8.3
EPSS Score
0.002
Published
2021-12-06
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-10-11
An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-10-11
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01
CVSS Score
8.6
EPSS Score
0.002
Published
2021-09-15
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.
CVSS Score
8.2
EPSS Score
0.006
Published
2021-08-30