3 matches found
Johnson Controls exacqVision Web Service < 24.06 Multiple Vulnerabilities
The version of the Johnson Controls exacqVision Web Service running on the remote host is prior to 24.03. It is, therefore, affected by multiple vulnerabilities. - Under certain circumstances the exacqVision Web Services does not provide sufficient protection from untrusted domains. CVE-2024-3286...
CVE-2024-32862 exacqVision CORS
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains...
Johnson Controls exacqVision Server web service
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.6 ATTENTION : Exploitable remotely Vendor : Johnson Controls Inc. Equipment : exacqVision Web Service Vulnerability : Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...