Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | Johnson Controls Metasys XML External Entity Injection Vulnerability | 11 Mar 202000:00 | – | cnvd |
 | CVE-2020-9044 | 10 Mar 202019:28 | – | cve |
 | CVE-2020-9044 Metasys Improper Restriction of XML External Entity Reference | 10 Mar 202019:28 | – | cvelist |
 | Johnson Controls Metasys | 10 Mar 202000:00 | – | ics |
 | CVE-2020-9044 | 10 Mar 202020:15 | – | nvd |
 | CVE-2020-9044 | 10 Mar 202020:15 | – | osv |
 | Johnsoncontrols Metasys Improper Restriction of XML External Entity Reference | 10 Aug 202100:00 | – | nessus |
| Johnson Controls Metasys Improper Restriction of XML External Entity Reference (CVE-2020-9044) | 7 Feb 202200:00 | – | nessus |
 | Xxe | 10 Mar 202020:15 | – | prion |
 | CVE-2020-9044 | 5 Feb 202515:05 | – | redhatcve |
10
[
{
"enisaIdVendor": [
{
"id": "35eb06c4-7e95-37cb-8ef7-2a447aacea72",
"vendor": {
"name": "Johnson Controls"
}
}
],
"enisaIdProduct": [
{
"id": "088c3a0a-abd5-300a-b399-cb52757e2610",
"product": {
"name": "Metasys Network Integration Engine (NIE55/NIE59)"
},
"product_version": "9.0.3"
},
{
"id": "1cf40883-5ad9-3866-adcd-26f1e80b16c4",
"product": {
"name": "Metasys Open Application Server (OAS)"
},
"product_version": "version 10.1"
},
{
"id": "28bb0d7e-a18e-3fc8-81f3-c54da4b486c2",
"product": {
"name": "Metasys Network Automation Engine (NAE55 only)"
},
"product_version": "9.0.5"
},
{
"id": "2f98615c-efe7-3254-a205-5c4f239931ef",
"product": {
"name": "Metasys NAE85 and NIE85"
},
"product_version": "versions 10.1 and prior"
},
{
"id": "3721b001-c15d-317d-bd60-ae947e649b40",
"product": {
"name": "Metasys System Configuration Tool (SCT)"
},
"product_version": "versions 13.2 and prior"
},
{
"id": "61be1b46-e559-3c39-bc14-01e6f1b494e4",
"product": {
"name": "Metasys Network Integration Engine (NIE55/NIE59)"
},
"product_version": "9.0.5"
},
{
"id": "72ada592-f0be-3b98-9026-c3489079ec6d",
"product": {
"name": "Metasys Extended Application and Data Server (ADX)"
},
"product_version": "versions 10.1 and prior"
},
{
"id": "78966e8a-ce1e-3942-bc68-c5c0d01ed1b7",
"product": {
"name": "Metasys Network Integration Engine (NIE55/NIE59)"
},
"product_version": "9.0.2"
},
{
"id": "7a18e919-8b3d-38ef-ac29-fa17a5b90340",
"product": {
"name": "Metasys Network Integration Engine (NIE55/NIE59)"
},
"product_version": "9.0.6"
},
{
"id": "7ce57e82-b83e-37d9-96f7-28d2cd294641",
"product": {
"name": "Metasys Network Automation Engine (NAE55 only)"
},
"product_version": "9.0.6"
},
{
"id": "8617e379-b7dd-35e1-92a3-0c8d8209ac3c",
"product": {
"name": "Metasys Network Automation Engine (NAE55 only)"
},
"product_version": "versions 9.0.1"
},
{
"id": "89bf54c1-12fc-37f4-a672-71964e423e54",
"product": {
"name": "Metasys Network Automation Engine (NAE55 only)"
},
"product_version": "9.0.3"
},
{
"id": "8e1d0679-f9b8-3401-b5a9-28fb7d0500b1",
"product": {
"name": "Metasys LonWorks Control Server (LCS)"
},
"product_version": "versions 10.1 and prior"
},
{
"id": "bfa65ac5-fa19-3920-aace-122c19137187",
"product": {
"name": "Metasys Network Automation Engine (NAE55 only)"
},
"product_version": "9.0.2"
},
{
"id": "c995b98d-ca48-39b7-a9dc-3ee522f7f461",
"product": {
"name": "Metasys Open Data Server (ODS)"
},
"product_version": "versions 10.1 and prior"
},
{
"id": "cb4be6c0-92ee-3fdc-bc6c-24625679d762",
"product": {
"name": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)"
},
"product_version": "version 8.1"
},
{
"id": "f37c2b46-7e81-3058-aea7-1c0a05c094d8",
"product": {
"name": "Metasys Application and Data Server (ADS, ADS-Lite)"
},
"product_version": "versions 10.1 and prior"
},
{
"id": "f4caae47-640f-3f7d-934c-25e024993d5a",
"product": {
"name": "Metasys Network Integration Engine (NIE55/NIE59)"
},
"product_version": "versions 9.0.1"
}
]
}
]| Source | Link |
|---|---|
| johnsoncontrols | www.johnsoncontrols.com/cyber-solutions/security-advisories |
| us-cert | www.us-cert.gov/ics/advisories/icsa-20-070-05 |
| github | www.github.com/advisories/GHSA-293c-r3p4-g63r |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
07 Oct 2025 00:30Current
8.9High risk
Vulners AI Score8.9
CVSS 3.17.5 - 9.1
CVSS 26.4
EPSS0.00269