Описание
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.
Ссылки
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.1 (включая) до 10.5 (включая)
Одновременно
cpe:2.3:o:johnsoncontrols:ac2000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:johnsoncontrols:ac2000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00727
Низкий
8.2 High
CVSS3
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-285
NVD-CWE-Other
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.
EPSS
Процентиль: 72%
0.00727
Низкий
8.2 High
CVSS3
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-285
NVD-CWE-Other