Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
johnsoncontrols exacqvision web service vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-9047
A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privile...
Johnsoncontrols Exacqvision Enterprise Manager
Johnsoncontrols Exacqvision Web Service
1 Github repository
9.8
CVSSv3
CVE-2021-27664
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
Johnsoncontrols Exacqvision Web Service
7.5
CVSSv3
CVE-2021-27656
A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated malicious user to view system-level information about the exacqVision Web Service and the operating system.
Johnsoncontrols Exacqvision Web Service
6.1
CVSSv3
CVE-2021-27659
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
Johnsoncontrols Exacqvision Web Service
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started