Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Metasys Unverified Password Change
Vulnerability Description
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未经验证的口令修改
Vulnerability Title
Johnson Controls Metasys ADS/ADX/OAS servers 授权问题漏洞
Vulnerability Description
Johnson Controls Metasys ADS/ADX/OAS Servers是美国江森自控(Johnson Controls)公司的一种应用程序和数据服务器。 Johnson Controls Metasys ADS/ADX/OAS servers 10.1.5之前的10系列版本和11.0.1之前的11系列版本存在安全漏洞,攻击者利用该漏洞可允许经过身份验证的用户将其他用户锁定在系统之外并接管他们的帐户。
CVSS Information
N/A
Vulnerability Type
N/A