NuytsTech Security

CVE-2021-36206

by ·

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.

Date published : 2022-10-27

https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-05

https://www.johnsoncontrols.com/cyber-solutions/security-advisories

Tags: