3 matches found
CVE-2021-36205
Under certain circumstances the session token is not cleared on logout...
CVE-2021-36205 Metasys session token
Under certain circumstances the session token is not cleared on logout...
CVE-2021-36205
Johnson Controls Metasys ADS/ADX/OAS Servers are affected by CVE-2021-36205 (CWE-459: Incomplete Cleanup). Under certain conditions, session tokens are not cleared on logout, enabling potential misuse of active sessions. Affected products include all Metasys ADS/ADX/OAS Servers (versions 10 and 1...