Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Metasys MVE
Vulnerability Description
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Johnson Controls Metasys ADX 授权问题漏洞
Vulnerability Description
Johnson Controls Metasys ADX是美国江森自控(Johnson Controls)公司的一款数据服务器。用于管理大量趋势数据、事件消息、操作员事务和系统配置数据。 Johnson Controls Metasys ADX 12.0版本存在授权问题漏洞,该漏洞源于当使用MVE SMP UI时,活动目录用户可以在不提供有效密码的情况下执行验证的操作。
CVSS Information
N/A
Vulnerability Type
N/A