Metasys ADS/ADX/NAE/NIE/NCE up to 8.x Site Management Portal Shared weak encryption – Digitalmunition




Exploit/Advisories Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on August 21st, 2019 📆 | 4260 Views ⚑

0

Metasys ADS/ADX/NAE/NIE/NCE up to 8.x Site Management Portal Shared weak encryption

CVSS Meta Temp ScoreCurrent Exploit Price (≈)
5.3$0-$5k

A vulnerability was found in Metasys ADS, ADX, NAE, NIE and NCE up to 8.x. It has been classified as critical. Affected is an unknown code block of the component Site Management Portal. The manipulation with an unknown input leads to a weak encryption vulnerability (Shared). CWE is classifying the issue as CWE-311. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was published 08/20/2019. The advisory is shared for download at johnsoncontrols.com. This vulnerability is traded as CVE-2019-7593 since 02/07/2019. There are neither technical details nor an exploit publicly available.

Upgrading to version 9.0 eliminates this vulnerability.

Similar entry is available at 140461.

Vendor

Name

VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3

VulDB Base Score: ≈5.5
VulDB Temp Score: ≈5.3
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Weak encryption / Shared (CWE-311)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

Upgrade: ADS/ADX/NAE/NIE/NCE 9.0

02/07/2019 CVE assigned
08/20/2019 +194 days Advisory disclosed
08/21/2019 +1 days VulDB entry created
08/21/2019 +0 days VulDB last updateAdvisory: johnsoncontrols.com

CVE: CVE-2019-7593 (🔒)
See also: 🔒

Created: 08/21/2019 11:30 AM
Complete: 🔍

Comments

No comments yet. Please log in to comment.

Upgrade your account now!

https://vuldb.com/?id.140460

Tagged with:



Leave a Reply