3 matches found
Johnson Controls OpenBlue Enterprise Manager Data Collector
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: OpenBlue Enterprise Manager Data Collector Vulnerabilities: Improper Authentication, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION...
CVE-2023-2024
OpenBlue Enterprise Manager Data Collector (Johnson Controls) is affected when running firmware versions prior to 3.2.5.75. The vulnerability is described as improper authentication, allowing an unauthorized user to perform API calls under certain circumstances. The advisory details indicate that...
CVE-2023-2024 Improper Authentication for OpenBlue Enterprise Manager Data Collector
Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances...