Johnsoncontrols : Security Vulnerabilities, CVEs, (Information Leak)

CVE-2024-0242

Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-08
Updated
2024-02-15

CVE-2023-2025

OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-05-18
Updated
2023-05-25

CVE-2023-0248

An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-14
Updated
2023-12-21

CVE-2021-36198

Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
Max CVSS
8.3
EPSS Score
0.15%
Published
2021-12-06
Updated
2021-12-07

CVE-2014-5427

Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read password hashes via a POST request.
Max CVSS
5.0
EPSS Score
0.62%
Published
2015-03-29
Updated
2015-03-30
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close