Search criteria
4 vulnerabilities found for nae55_firmware by johnsoncontrols
CVE-2023-4486 (GCVE-0-2023-4486)
Vulnerability from nvd – Published: 2023-12-07 19:55 – Updated: 2025-05-28 13:52
VLAI?
Title
Uncontrolled Resource Consumption in Metasys and Facility Explorer
Summary
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to
versions 11.0.6 and 12.0.4
and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | Metasys NAE55/SNE/SNC |
Affected:
12.0 , < 12.0.4
(custom)
Affected: 11.0 , < 11.0.6 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-23T05:01:05.723101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T13:52:00.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Metasys NAE55/SNE/SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Facility Explorer F4-SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-12-07T19:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:57:41.349Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\nUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u00a0\n\n\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\u003cbr\u003e"
}
],
"value": "\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Uncontrolled Resource Consumption in Metasys and Facility Explorer",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-4486",
"datePublished": "2023-12-07T19:55:39.265Z",
"dateReserved": "2023-08-22T19:40:01.192Z",
"dateUpdated": "2025-05-28T13:52:00.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9044 (GCVE-0-2020-9044)
Vulnerability from nvd – Published: 2020-03-10 19:28 – Updated: 2024-08-04 10:19
VLAI?
Title
Metasys Improper Restriction of XML External Entity Reference
Summary
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
Severity ?
7.5 (High)
CWE
- CWE-611 - - Information Leak Through XML External Entity File Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Lukasz Rupala
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys Application and Data Server (ADS, ADS-Lite)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Extended Application and Data Server (ADX)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Data Server (ODS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Application Server (OAS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 10.1"
}
]
},
{
"product": "Metasys Network Automation Engine (NAE55 only)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys Network Integration Engine (NIE55/NIE59)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys NAE85 and NIE85",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys LonWorks Control Server (LCS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 13.2 and prior"
}
]
},
{
"product": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lukasz Rupala"
}
],
"descriptions": [
{
"lang": "en",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 - Information Leak Through XML External Entity File Disclosure ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-10T19:28:30",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"solutions": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys Improper Restriction of XML External Entity Reference",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"ID": "CVE-2020-9044",
"STATE": "PUBLIC",
"TITLE": "Metasys Improper Restriction of XML External Entity Reference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys Application and Data Server (ADS, ADS-Lite)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Extended Application and Data Server (ADX)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Data Server (ODS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Application Server (OAS)",
"version": {
"version_data": [
{
"version_value": "version 10.1"
}
]
}
},
{
"product_name": "Metasys Network Automation Engine (NAE55 only)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys Network Integration Engine (NIE55/NIE59)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys NAE85 and NIE85",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys LonWorks Control Server (LCS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys System Configuration Tool (SCT)",
"version": {
"version_data": [
{
"version_value": "versions 13.2 and prior"
}
]
}
},
{
"product_name": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"version": {
"version_data": [
{
"version_value": "version 8.1"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lukasz Rupala"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 - Information Leak Through XML External Entity File Disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
]
},
"solution": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2020-9044",
"datePublished": "2020-03-10T19:28:30",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4486 (GCVE-0-2023-4486)
Vulnerability from cvelistv5 – Published: 2023-12-07 19:55 – Updated: 2025-05-28 13:52
VLAI?
Title
Uncontrolled Resource Consumption in Metasys and Facility Explorer
Summary
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to
versions 11.0.6 and 12.0.4
and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | Metasys NAE55/SNE/SNC |
Affected:
12.0 , < 12.0.4
(custom)
Affected: 11.0 , < 11.0.6 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-23T05:01:05.723101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T13:52:00.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Metasys NAE55/SNE/SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Facility Explorer F4-SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-12-07T19:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:57:41.349Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\nUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u00a0\n\n\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\u003cbr\u003e"
}
],
"value": "\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Uncontrolled Resource Consumption in Metasys and Facility Explorer",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-4486",
"datePublished": "2023-12-07T19:55:39.265Z",
"dateReserved": "2023-08-22T19:40:01.192Z",
"dateUpdated": "2025-05-28T13:52:00.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9044 (GCVE-0-2020-9044)
Vulnerability from cvelistv5 – Published: 2020-03-10 19:28 – Updated: 2024-08-04 10:19
VLAI?
Title
Metasys Improper Restriction of XML External Entity Reference
Summary
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
Severity ?
7.5 (High)
CWE
- CWE-611 - - Information Leak Through XML External Entity File Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | Metasys Application and Data Server (ADS, ADS-Lite) |
Affected:
versions 10.1 and prior
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Lukasz Rupala
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Metasys Application and Data Server (ADS, ADS-Lite)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Extended Application and Data Server (ADX)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Data Server (ODS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys Open Application Server (OAS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 10.1"
}
]
},
{
"product": "Metasys Network Automation Engine (NAE55 only)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys Network Integration Engine (NIE55/NIE59)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.5"
},
{
"status": "affected",
"version": "9.0.6"
}
]
},
{
"product": "Metasys NAE85 and NIE85",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys LonWorks Control Server (LCS)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 10.1 and prior"
}
]
},
{
"product": "Metasys System Configuration Tool (SCT)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "versions 13.2 and prior"
}
]
},
{
"product": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "version 8.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lukasz Rupala"
}
],
"descriptions": [
{
"lang": "en",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 - Information Leak Through XML External Entity File Disclosure ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-10T19:28:30",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
],
"solutions": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Metasys Improper Restriction of XML External Entity Reference",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productsecurity@jci.com",
"ID": "CVE-2020-9044",
"STATE": "PUBLIC",
"TITLE": "Metasys Improper Restriction of XML External Entity Reference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Metasys Application and Data Server (ADS, ADS-Lite)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Extended Application and Data Server (ADX)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Data Server (ODS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys Open Application Server (OAS)",
"version": {
"version_data": [
{
"version_value": "version 10.1"
}
]
}
},
{
"product_name": "Metasys Network Automation Engine (NAE55 only)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys Network Integration Engine (NIE55/NIE59)",
"version": {
"version_data": [
{
"version_value": "versions 9.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.3"
},
{
"version_value": "9.0.5"
},
{
"version_value": "9.0.6"
}
]
}
},
{
"product_name": "Metasys NAE85 and NIE85",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys LonWorks Control Server (LCS)",
"version": {
"version_data": [
{
"version_value": "versions 10.1 and prior"
}
]
}
},
{
"product_name": "Metasys System Configuration Tool (SCT)",
"version": {
"version_data": [
{
"version_value": "versions 13.2 and prior"
}
]
}
},
{
"product_name": "Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed)",
"version": {
"version_data": [
{
"version_value": "version 8.1"
}
]
}
}
]
},
"vendor_name": "Johnson Controls"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lukasz Rupala"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls\u0027 Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 - Information Leak Through XML External Entity File Disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"refsource": "CONFIRM",
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"name": "ICS-CERT Advisory",
"refsource": "CERT",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-05"
}
]
},
"solution": [
{
"lang": "en",
"value": "Johnson Controls has developed a patch to address this issue. Customers should contact their local branch office for remediation. "
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2020-9044",
"datePublished": "2020-03-10T19:28:30",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}