Johnsoncontrols CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Johnsoncontrols Subscriptions

Search

Switch to Advanced Search (Beta)

Total 66 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-32864	1 Johnsoncontrols	1 Exacqvision Web Service	2024-08-09	6.4 Medium
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
CVE-2024-32865	1 Johnsoncontrols	1 Exacqvision Server	2024-08-09	6.4 Medium
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
CVE-2024-32758	1 Johnsoncontrols	2 Exacqvision Client, Exacqvision Server	2024-08-09	7.5 High
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
CVE-2024-32862	1 Johnsoncontrols	1 Exacqvision Web Service	2024-08-09	6.8 Medium
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
CVE-2024-32931	1 Johnsoncontrols	1 Exacqvision Web Service	2024-08-09	5.7 Medium
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
CVE-2024-32863	1 Johnsoncontrols	1 Exacqvision Web Service	2024-08-09	6.8 Medium
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)

« first previous Page 4 of 4.