A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-077-01 | Third Party Advisory US Government Resource |
https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Patch Vendor Advisory |
Configurations
Information
Published : 2021-03-18 11:15
Updated : 2021-03-24 19:40
NVD link : CVE-2021-27656
Mitre link : CVE-2021-27656
JSON object : View
CWE
CWE-862
Missing Authorization
Products Affected
johnsoncontrols
- exacqvision_web_service