Johnsoncontrols: >> Exacqvision Enterprise Manager Security Vulnerabilities
exacqVision Enterprise Manager 20.12 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-06-24
A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.
CVSS Score
6.8
EPSS Score
0.178
Published
2020-06-26