Metasys Open Application Server Security Vulnerabilities and Issues — Metasys Open Application Server CVE List

Lucene search

JohnsoncontrolsMetasys Open Application Server

2 matches found

CVE•added 2022/06/15 8:15 p.m.•84 views

CVE-2022-21935

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.

7.5CVSS7.7AI score0.00185EPSS

CVE•added 2023/01/13 9:15 p.m.•38 views

CVE-2021-36204

Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.

7.8CVSS7.5AI score0.00171EPSS