Lucene search

CVE-2022-21939

🗓️ 09 Feb 2023 21:11:15Reported by [email protected]Type

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2022-21939 Sensitive cookie without 'HttpOnly' flag in System Configuration Tool (SCT)	9 Feb 202320:49	–	cvelist
CVE	CVE-2022-21939	9 Feb 202321:15	–	cve
Prion	Design/Logic Flaw	9 Feb 202321:15	–	prion
Vulnrichment	CVE-2022-21939 Sensitive cookie without 'HttpOnly' flag in System Configuration Tool (SCT)	9 Feb 202320:49	–	vulnrichment
ICS	Johnson Controls System Configuration Tool (SCT)	9 Feb 202300:00	–	ics

Nvd

Node

johnsoncontrols metasys_system_configuration_toolRange14.0–14.2.3

johnsoncontrols metasys_system_configuration_toolRange15.0–15.0.3

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-23-040-03
johnsoncontrols	www.johnsoncontrols.com/cyber-solutions/security-advisories

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Feb 2023 21:15Current

7.5High risk

Vulners AI Score7.5

CVSS36.1

EPSS0.00121