Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for OpenBlue Enterprise Manager Data Collector by Johnson Controls

    CVE-2023-2025 (GCVE-0-2023-2025)

    Vulnerability from nvd – Published: 2023-05-18 20:50 – Updated: 2025-02-12 16:27
    VLAI
    Title
    Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector
    Summary
    OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    jci
    Impacted products
    Date Public
    2023-05-18 20:41
    Credits
    Rushank Shetty, Security Researcher at Northwestern Mutual
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:19.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2025",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-12T16:27:41.285682Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:27:48.194Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenBlue Enterprise Manager Data Collector",
              "vendor": "Johnson Controls",
              "versions": [
                {
                  "lessThan": "3.2.5.75",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
            }
          ],
          "datePublic": "2023-05-18T20:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
                }
              ],
              "value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-18T20:50:36.726Z",
            "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
            "shortName": "jci"
          },
          "references": [
            {
              "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
                }
              ],
              "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
                }
              ],
              "value": "Contact your Customer Success Manager to obtain the update.\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
        "assignerShortName": "jci",
        "cveId": "CVE-2023-2025",
        "datePublished": "2023-05-18T20:50:36.726Z",
        "dateReserved": "2023-04-13T15:11:24.430Z",
        "dateUpdated": "2025-02-12T16:27:48.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2024 (GCVE-0-2023-2024)

    Vulnerability from nvd – Published: 2023-05-18 20:45 – Updated: 2025-02-12 16:27
    VLAI
    Title
    Improper Authentication for OpenBlue Enterprise Manager Data Collector
    Summary
    Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    jci
    Impacted products
    Date Public
    2023-05-18 20:41
    Credits
    Rushank Shetty, Security Researcher at Northwestern Mutual
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:19.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2024",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-21T20:09:01.151668Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:27:08.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenBlue Enterprise Manager Data Collector",
              "vendor": "Johnson Controls",
              "versions": [
                {
                  "lessThan": "3.2.5.75",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
            }
          ],
          "datePublic": "2023-05-18T20:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
                }
              ],
              "value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-18T20:45:01.376Z",
            "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
            "shortName": "jci"
          },
          "references": [
            {
              "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
                }
              ],
              "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
                }
              ],
              "value": "Contact your Customer Success Manager to obtain the update.\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Authentication for OpenBlue Enterprise Manager Data Collector",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
        "assignerShortName": "jci",
        "cveId": "CVE-2023-2024",
        "datePublished": "2023-05-18T20:45:01.376Z",
        "dateReserved": "2023-04-13T15:11:18.916Z",
        "dateUpdated": "2025-02-12T16:27:08.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2025 (GCVE-0-2023-2025)

    Vulnerability from cvelistv5 – Published: 2023-05-18 20:50 – Updated: 2025-02-12 16:27
    VLAI
    Title
    Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector
    Summary
    OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    jci
    Impacted products
    Date Public
    2023-05-18 20:41
    Credits
    Rushank Shetty, Security Researcher at Northwestern Mutual
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:19.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2025",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-12T16:27:41.285682Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:27:48.194Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenBlue Enterprise Manager Data Collector",
              "vendor": "Johnson Controls",
              "versions": [
                {
                  "lessThan": "3.2.5.75",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
            }
          ],
          "datePublic": "2023-05-18T20:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
                }
              ],
              "value": "OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-18T20:50:36.726Z",
            "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
            "shortName": "jci"
          },
          "references": [
            {
              "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
                }
              ],
              "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
                }
              ],
              "value": "Contact your Customer Success Manager to obtain the update.\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Exposure of Sensitive Information in OpenBlue Enterprise Manager Data Collector",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
        "assignerShortName": "jci",
        "cveId": "CVE-2023-2025",
        "datePublished": "2023-05-18T20:50:36.726Z",
        "dateReserved": "2023-04-13T15:11:24.430Z",
        "dateUpdated": "2025-02-12T16:27:48.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2024 (GCVE-0-2023-2024)

    Vulnerability from cvelistv5 – Published: 2023-05-18 20:45 – Updated: 2025-02-12 16:27
    VLAI
    Title
    Improper Authentication for OpenBlue Enterprise Manager Data Collector
    Summary
    Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    jci
    Impacted products
    Date Public
    2023-05-18 20:41
    Credits
    Rushank Shetty, Security Researcher at Northwestern Mutual
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:12:19.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2024",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-21T20:09:01.151668Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T16:27:08.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "OpenBlue Enterprise Manager Data Collector",
              "vendor": "Johnson Controls",
              "versions": [
                {
                  "lessThan": "3.2.5.75",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": " Rushank Shetty, Security Researcher at Northwestern Mutual"
            }
          ],
          "datePublic": "2023-05-18T20:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
                }
              ],
              "value": "Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-18T20:45:01.376Z",
            "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
            "shortName": "jci"
          },
          "references": [
            {
              "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
                }
              ],
              "value": "Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Contact your Customer Success Manager to obtain the update.\u003cbr\u003e"
                }
              ],
              "value": "Contact your Customer Success Manager to obtain the update.\n"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Authentication for OpenBlue Enterprise Manager Data Collector",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
        "assignerShortName": "jci",
        "cveId": "CVE-2023-2024",
        "datePublished": "2023-05-18T20:45:01.376Z",
        "dateReserved": "2023-04-13T15:11:18.916Z",
        "dateUpdated": "2025-02-12T16:27:08.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }