CVE-2022-21934

Sažetak

Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-125-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

16-05-2022 - 19:40

Objavljeno

06-05-2022 - 16:15