CVE-2018-10624

2018-08-01T21:29:00
ID CVE-2018-10624
Type cve
Reporter ics-cert@hq.dhs.gov
Modified 2019-10-09T23:32:00

Description

In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.