Lucene search

K

Metasys Security Vulnerabilities

cve
cve

CVE-2023-4486

Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause...

7.5CVSS

7.6AI Score

0.0005EPSS

2023-12-07 08:15 PM
15
cve
cve

CVE-2022-21940

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the...

7.5CVSS

6.2AI Score

0.001EPSS

2023-02-09 09:15 PM
23
cve
cve

CVE-2022-21939

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the...

7.5CVSS

6.2AI Score

0.001EPSS

2023-02-09 09:15 PM
22
cve
cve

CVE-2021-36204

Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain...

7.8CVSS

7.4AI Score

0.001EPSS

2023-01-13 09:15 PM
24
cve
cve

CVE-2022-21936

On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP...

8.1CVSS

6.6AI Score

0.001EPSS

2022-10-07 06:15 PM
31
4
cve
cve

CVE-2021-36200

Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate...

5.3CVSS

5.3AI Score

0.001EPSS

2022-07-22 03:15 PM
1380
2
cve
cve

CVE-2022-21938

Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web...

8.1CVSS

5.5AI Score

0.001EPSS

2022-06-15 09:15 PM
43
5
cve
cve

CVE-2022-21937

Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web...

8.7CVSS

5.5AI Score

0.001EPSS

2022-06-15 08:15 PM
51
5
cve
cve

CVE-2022-21935

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password...

7.5CVSS

7.5AI Score

0.001EPSS

2022-06-15 08:15 PM
66
5
cve
cve

CVE-2022-21934

Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to...

8.8CVSS

8.4AI Score

0.001EPSS

2022-05-06 04:15 PM
50
4
cve
cve

CVE-2021-36207

Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to...

8.8CVSS

8.5AI Score

0.001EPSS

2022-04-29 05:15 PM
69
cve
cve

CVE-2021-36203

The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted...

9.1CVSS

9AI Score

0.001EPSS

2022-04-22 03:15 PM
50
cve
cve

CVE-2021-36205

Under certain circumstances the session token is not cleared on...

9.8CVSS

9.4AI Score

0.002EPSS

2022-04-15 05:15 PM
54
cve
cve

CVE-2021-36202

Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to...

8.8CVSS

8.5AI Score

0.001EPSS

2022-04-07 08:15 PM
72
cve
cve

CVE-2021-27657

Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. This issue affects: Johnson Controls...

8.8CVSS

8.5AI Score

0.003EPSS

2021-06-04 03:15 PM
28
3
cve
cve

CVE-2020-9050

Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the...

7.5CVSS

7.5AI Score

0.003EPSS

2021-02-19 06:15 PM
42
4
cve
cve

CVE-2020-9044

XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and....

9.1CVSS

9AI Score

0.002EPSS

2020-03-10 08:15 PM
41
cve
cve

CVE-2019-7594

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal...

9.1CVSS

9.1AI Score

0.001EPSS

2019-08-20 07:15 PM
28
cve
cve

CVE-2019-7593

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal...

9.1CVSS

9.1AI Score

0.001EPSS

2019-08-20 07:15 PM
35
cve
cve

CVE-2018-10624

In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical...

6.5CVSS

6.2AI Score

0.001EPSS

2018-08-01 09:29 PM
37