Lucene search

[email protected]CVE-2021-36202

HistoryApr 07, 2022 - 8:15 p.m.

CVE-2021-36202

2022-04-0720:15:09

CWE-918

[email protected]

web.nvd.nist.gov

cve-2021-36202

server-side request forgery

ssrf

johnson controls metasys

pdf export vulnerability

nvd

security advisory

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0.2.

Affected configurations

NVD

Node

johnsoncontrolsmetasys_application_and_data_serverRange10.0–10.1.5

johnsoncontrolsmetasys_application_and_data_serverRange11.0–11.0.2

johnsoncontrolsmetasys_extended_application_and_data_serverRange10.0–10.1.5

johnsoncontrolsmetasys_extended_application_and_data_serverRange11.0–11.0.2

johnsoncontrolsmetasys_open_application_serverRange10.0–10.1.5

johnsoncontrolsmetasys_open_application_serverRange11.0–11.0.2

CPENameOperatorVersion
johnsoncontrols:metasys_application_and_data_serverjohnsoncontrols metasys application and data serverlt10.1.5
johnsoncontrols:metasys_application_and_data_serverjohnsoncontrols metasys application and data serverlt11.0.2
johnsoncontrols:metasys_extended_application_and_data_serverjohnsoncontrols metasys extended application and data serverlt10.1.5
johnsoncontrols:metasys_extended_application_and_data_serverjohnsoncontrols metasys extended application and data serverlt11.0.2
johnsoncontrols:metasys_open_application_serverjohnsoncontrols metasys open application serverlt10.1.5
johnsoncontrols:metasys_open_application_serverjohnsoncontrols metasys open application serverlt11.0.2

CPE	Name	Operator	Version
johnsoncontrols:metasys_application_and_data_server	johnsoncontrols metasys application and data server	lt	10.1.5
johnsoncontrols:metasys_application_and_data_server	johnsoncontrols metasys application and data server	lt	11.0.2
johnsoncontrols:metasys_extended_application_and_data_server	johnsoncontrols metasys extended application and data server	lt	10.1.5
johnsoncontrols:metasys_extended_application_and_data_server	johnsoncontrols metasys extended application and data server	lt	11.0.2
johnsoncontrols:metasys_open_application_server	johnsoncontrols metasys open application server	lt	10.1.5
johnsoncontrols:metasys_open_application_server	johnsoncontrols metasys open application server	lt	11.0.2

CNA Affected

[
  {
    "product": "Metasys",
    "vendor": "Johnson Controls",
    "versions": [
      {
        "lessThan": "10.1.5",
        "status": "affected",
        "version": "All 10 versions",
        "versionType": "custom"
      },
      {
        "lessThan": "11.0.2",
        "status": "affected",
        "version": "All 11 versions",
        "versionType": "custom"
      }
    ]
  }
]

References

www.cisa.gov/uscert/ics/advisories/icsa-22-095-02

www.johnsoncontrols.com/cyber-solutions/security-advisories

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for CVE-2021-36202

nvd1 ics1 prion1 cvelist1