PT-2019-18662 · Johnson Controls · Metasys

Harpocrates.Ghost@Protonmail.Com

Publicado

2019-08-20

Atualizado

2020-02-10

CVE-2019-7594

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Metasys versions prior to 9.0

Description The issue concerns the use of a hardcoded RC2 key for encryption operations involving the Site Management Portal.

Recommendations For versions prior to 9.0, update to version 9.0 or later to resolve the issue.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2019-7594

Metasys