CVE-2021-36207

Sažetak

Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-118-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

CVSS

Base:	8.5
Impact:	10.0
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-05-2022 - 15:28

Objavljeno

29-04-2022 - 17:15