Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:NJohnsoncontrols Metasys Application And Data Server
APPJohnsoncontrols11.011.0.110.0 – 10.1.5Johnsoncontrols Metasys Extended Application And Data Server
APPJohnsoncontrols11.011.0.110.0 – 10.1.5Johnsoncontrols Metasys Open Application Server
APPJohnsoncontrols11.011.0.110.0 – 10.1.5 (bez)
Related vulnerabilities
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS...
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions witho...
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys AD...
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior t...
Under certain circumstances an authenticated user could lock other users out of the system or take over their ...