2 matches found
CVE-2020-9044
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...
CVE-2020-9044
CVE-2020-9044 - XML External Entity (XXE) in Metasys Web Services : The vulnerability is an XXE in Johnson Controls Metasys Web Services, enabling potential DoS and harvesting of server ASCII files. Affected products include ADS/ADS-Lite, ADX, ODS, OAS, NAE55/NIE55/ NIE59 families, NAE85/NIE85, L...