Lucene search
CVE-2022-21939
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | CVE-2022-21939 | 9 Feb 202321:15 | – | nvd |
 | Design/Logic Flaw | 9 Feb 202321:15 | – | prion |
 | CVE-2022-21939 Sensitive cookie without 'HttpOnly' flag in System Configuration Tool (SCT) | 9 Feb 202320:49 | – | cvelist |
 | Johnson Controls System Configuration Tool (SCT) | 9 Feb 202300:00 | – | ics |
Node
OR
[
{
"defaultStatus": "unaffected",
"product": "System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "14.2.3",
"status": "affected",
"version": "14",
"versionType": "custom"
},
{
"lessThan": "15.0.3",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
}
]| Source | Link |
|---|---|
| cisa | www.cisa.gov/uscert/ics/advisories/icsa-23-040-03 |
| johnsoncontrols | www.johnsoncontrols.com/cyber-solutions/security-advisories |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo09 Feb 2023 21:15Current
6.5Medium risk
Vulners AI Score6.5
CVSS36.1 - 7.5
EPSS0.00121