CVE-2021-36204
The CVE-2021-36204 vulnerability affects Johnson Controls Metasys ADS/ADX/OAS Servers: versions 10.x prior to 10.1.6 and 11.x prior to 11.0.3. Root cause is Insufficiently Protected Credentials, allowing API calls to expose plaintext credentials. Impact is high (confidentiality and total impact o...