Johnson Controls Vulnerabilidad

Cronología

Escribe

Not Defined	26
Wireless LAN Software	1
Reporting Software	1

Producto

Johnson Controls Metasys ADX	9
Johnson Controls Metasys ADS	8
Johnson Controls Metasys OAS	8
Johnson Controls Metasys	3
Johnson Controls OpenBlue Enterprise Manager Data ...	2

Contramedidas

Official Fix	22
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	6

Explotabilidad

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	28

Vector de acceso

Not Defined	0
Physical	0
Local	0
Adjacent	3
Network	25

Autenticación

Not Defined	0
High	0
Low	11
None	17

La interacción del usuario

Not Defined	0
Required	6
None	22

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	8
≤7	11
≤8	6
≤9	1
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	9
≤7	11
≤8	5
≤9	1
≤10	1

VulDB

≤1	0
≤2	0
≤3	0
≤4	6
≤5	6
≤6	5
≤7	6
≤8	4
≤9	0
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	6
≤8	2
≤9	0
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	2
≤7	0
≤8	6
≤9	8
≤10	3

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	4
<2k	12
<5k	12
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	28
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (22): American Dynamics Victor Web Client (1), C-CURE 9000 (1), CEM Systems AC2000 (1), CKS CEVAS (1), Facility Explorer F4-SNC (1), Facility Explorer SNC Series Supervisory Controller (1), IQ Wifi 6 (1), KT-1 (1), Metasys (3), Metasys ADS (8), Metasys ADX (9), Metasys NAE55 (1), Metasys OAS (8), Metasys Reporting Engine (1), Metasys SNC (1), Metasys SNE (1), OpenBlue Enterprise Manager Data Collector (2), Quantum HD Unity (1), Software House C-CURE Web Client (1), System Configuration Tool (2), exacqVision Enterprise Manager (1), exacqVision Web Service (1)

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2023-12-08	6.4	6.3	Johnson Controls Metasys NAE55 Login Endpoint denegación de servicio	Desconocido	Not Defined	Official Fix	0.00046	0.02	CVE-2023-4486
2023-11-09	9.9	9.7	Johnson Controls Quantum HD Unity Remote Code Execution	Desconocido	Not Defined	Official Fix	0.00091	0.00	CVE-2023-4804
2023-07-25	7.3	7.2	Johnson Controls IQ Wifi 6 divulgación de información	Wireless LAN Software	Not Defined	Official Fix	0.00091	0.00	CVE-2023-3548
2023-05-19	5.3	5.2	Johnson Controls OpenBlue Enterprise Manager Data Collector API divulgación de información	Desconocido	Not Defined	Official Fix	0.00069	0.02	CVE-2023-2025
2023-05-19	8.3	8.2	Johnson Controls OpenBlue Enterprise Manager Data Collector API autenticación débil	Desconocido	Not Defined	Official Fix	0.00176	0.00	CVE-2023-2024
2023-02-10	5.8	5.7	Johnson Controls System Configuration Tool divulgación de información	Desconocido	Not Defined	Official Fix	0.00079	0.00	CVE-2022-21940
2023-02-10	5.6	5.5	Johnson Controls System Configuration Tool escalada de privilegios	Desconocido	Not Defined	Official Fix	0.00079	0.00	CVE-2022-21939
2023-01-13	6.5	6.5	Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS API divulgación de información	Desconocido	Not Defined	Official Fix	0.00143	0.00	CVE-2021-36204
2022-10-28	6.8	6.7	Johnson Controls CKS CEVAS cross site scripting	Desconocido	Not Defined	Official Fix	0.00091	0.00	CVE-2021-36206
2022-10-05	7.3	7.2	Johnson Controls Metasys ADX User Identity Claim autenticación débil	Desconocido	Not Defined	Official Fix	0.00053	0.02	CVE-2022-21936

18 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 18 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you need the next level of professionalism?

Upgrade your account now!