CVE-2021-36203

The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-111-02 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:johnsoncontrols:metasys_system_configuration_tool:*:*:*:*:-:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_system_configuration_tool:*:*:*:*:pro:*:*:*

Information

Published : 2022-04-22 08:15

Updated : 2022-05-03 13:38


NVD link : CVE-2021-36203

Mitre link : CVE-2021-36203


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

johnsoncontrols

  • metasys_system_configuration_tool