Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:NJohnsoncontrols Exacqvision Web Service
APPJohnsoncontrols≤ 24.03
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2021-27664CRITICAL9.8ten sam produkt
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the...
CVE-2024-32862MEDIUM6.8ten sam produkt
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted...
CVE-2024-32864MEDIUM6.4ten sam produkt
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
CVE-2024-32931MEDIUM5.7ten sam produkt
Under certain circumstances the exacqVision Web Service can expose authentication token details within communi...
CVE-2021-27659MEDIUM5.3ten sam produkt
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable ...