CVE-2022-21938

Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
References
Configurations

Configuration 1

cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*
cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*

Information

Published : 2022-06-15 09:15

Updated : 2022-06-24 07:58


NVD link : CVE-2022-21938

Mitre link : CVE-2022-21938

Products Affected
No products.
CWE