CVE-2022-21935 - Vulnerability Details - OpenCVE

A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Johnsoncontrols	Metasys Application And Data Server Metasys Extended Application And Data Server Metasys Open Application Server

Configuration 1 [-]

OR	cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server::::::::
	cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:::::::*
	cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:::::::*
	cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server::::::::
	cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:::::::*
	cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:::::::*
	cpe:2.3:a:johnsoncontrols:metasys_open_application_server::::::::
	cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:::::::*
	cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:::::::*

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

History

No history.

MITRE

Status: PUBLISHED

Assigner: jci

Published: 2022-06-15T19:57:01.029262Z

Updated: 2024-09-16T19:57:26.166Z

Reserved: 2021-12-15T00:00:00

Link: CVE-2022-21935

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-06-15T20:15:17.627

Modified: 2024-11-21T06:45:44.393

Link: CVE-2022-21935

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Metasys ADS/ADX/OAS server", "vendor": "Johnson Controls", "versions": [{"lessThan": "10.1.5", "status": "affected", "version": "All 10 versions", "versionType": "custom"}, {"lessThan": "11.0.2", "status": "affected", "version": "All 11 versions", "versionType": "custom"}]}], "datePublic": "2022-06-14T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-620", "description": "CWE-620 Unverified Password Change", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-15T19:57:01", "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"}], "solutions": [{"lang": "en", "value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."}, {"lang": "en", "value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."}], "source": {"discovery": "INTERNAL"}, "title": "Metasys password guessing", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productsecurity@jci.com", "DATE_PUBLIC": "2022-06-14T19:41:00.000Z", "ID": "CVE-2022-21935", "STATE": "PUBLIC", "TITLE": "Metasys password guessing"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Metasys ADS/ADX/OAS server", "version": {"version_data": [{"version_affected": "<", "version_name": "All 10 versions", "version_value": "10.1.5"}, {"version_affected": "<", "version_name": "All 11 versions", "version_value": "11.0.2"}]}}]}, "vendor_name": "Johnson Controls"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-620 Unverified Password Change"}]}]}, "references": {"reference_data": [{"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "refsource": "CONFIRM", "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "refsource": "CERT", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"}]}, "solution": [{"lang": "en", "value": "Update all Metasys ADS/ADX/OAS 10 versions with patch 10.1.5."}, {"lang": "en", "value": "Update all Metasys ADS/ADX/OAS 11 versions with patch 11.0.2."}], "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:00:54.509Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"}]}]}, "cveMetadata": {"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "assignerShortName": "jci", "cveId": "CVE-2022-21935", "datePublished": "2022-06-15T19:57:01.029262Z", "dateReserved": "2021-12-15T00:00:00", "dateUpdated": "2024-09-16T19:57:26.166Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B7D6966-7384-435E-8149-F12123042AC0", "versionEndIncluding": "10.1.5", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "C801ABDD-1BEB-43E9-9130-2BA854EFC66C", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_application_and_data_server:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "11E47FE4-E401-40C1-B6CE-0631A6F0987C", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB5F564D-9430-421D-9BCD-3AFA40503FBB", "versionEndIncluding": "10.1.5", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D5BDB2A-DC14-48F5-BB81-6908FE1DC0E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_extended_application_and_data_server:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "066D677E-470D-4356-B167-7888C097FA15", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3CC754C-B8D2-4CE0-AC12-1B53CB71055D", "versionEndExcluding": "10.1.5", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "AE893FEE-07B1-4ABD-ADAF-24BB6129B6B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_open_application_server:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B886EFC1-5226-493D-9C7C-363DFFBBA4F0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change."}, {"lang": "es", "value": "Una vulnerabilidad en Metasys ADS/ADX/OAS 10 versiones anteriores a 10.1.5 y en Metasys ADS/ADX/OAS 11 versiones anteriores a 11.0.2, permite un cambio de contrase\u00f1a no verificado"}], "id": "CVE-2022-21935", "lastModified": "2024-11-21T06:45:44.393", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "productsecurity@jci.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-15T20:15:17.627", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"}, {"source": "productsecurity@jci.com", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-165-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-620"}], "source": "productsecurity@jci.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}