Lucene search

K
nvd[email protected]NVD:CVE-2014-5427
HistoryMar 29, 2015 - 10:59 a.m.

CVE-2014-5427

2015-03-2910:59:00
CWE-200
web.nvd.nist.gov

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read password hashes via a POST request.

Affected configurations

NVD
Node
johnsoncontrolsapplication_and_data_serverMatch-
OR
johnsoncontrolsextended_application_and_data_serverMatch-
OR
johnsoncontrolslonworks_control_server_lcs8520Match-
OR
johnsoncontrolsnetwork_automation_engine_5510-2Match-
OR
johnsoncontrolsnetwork_automation_engine_5510-2uMatch-
OR
johnsoncontrolsnetwork_automation_engine_5511-2Match-
OR
johnsoncontrolsnetwork_automation_engine_5520-2Match-
OR
johnsoncontrolsnetwork_automation_engine_5521-2Match-
OR
johnsoncontrolsnetwork_integration_engine_5510-2Match-
OR
johnsoncontrolsnetwork_integration_engine_5511-2Match-
OR
johnsoncontrolsnxe8500Match-
AND
johnsoncontrolsmetsysMatch4.1
OR
johnsoncontrolsmetsysMatch6.5

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

Related for NVD:CVE-2014-5427