Skip to main content

Metsys

2 CVEs product

Monthly

CVE-2014-5428 CRITICAL Act Now

Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Metsys
NVD
CVSS 2.0
10.0
EPSS
2.6%
CVE-2014-5427 MEDIUM This Month

Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Metsys
NVD
CVSS 2.0
5.0
EPSS
0.5%
EPSS 3% CVSS 10.0
CRITICAL Act Now

Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Metsys
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Metsys
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy