In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.
File data ot_500468.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
johnsoncontrols | bcpro | * | cpe:2.3:a:johnsoncontrols:bcpro:*:*:*:*:*:*:*:* |
johnsoncontrols | metasys_system | * | cpe:2.3:a:johnsoncontrols:metasys_system:*:*:*:*:*:*:*:* |