Johnsoncontrols: >> Metasys Extended Application And Data Server >> 11.0.2 Security Vulnerabilities
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-01-13