Critical Infrastructure Sectors: Critical Manufacturing
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated malicious user to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions before 10.1.5; All 11 versions versions before 11.0.2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
johnsoncontrols metasys application and data server |
||
johnsoncontrols metasys extended application and data server |
||
johnsoncontrols metasys open application server |