CVE-2021-27657

{"id": "CVE-2021-27657", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "productsecurity@jci.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2021-06-04T15:15:07.517", "references": [{"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "productsecurity@jci.com"}, {"url": "https://us-cert.gov/ics/advisories", "tags": ["Third Party Advisory", "US Government Resource"], "source": "productsecurity@jci.com"}, {"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["Vendor Advisory"], "source": "productsecurity@jci.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Secondary", "source": "productsecurity@jci.com", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. This issue affects: Johnson Controls Metasys version 11.0 and prior versions."}, {"lang": "es", "value": "Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda otorgar a un usuario autenticado de Metasys un nivel de acceso no intencionado al sistema de archivos del servidor, permiti\u00e9ndole acceder o modificar los archivos del sistema mediante el env\u00edo de mensajes web espec\u00edficamente dise\u00f1ados para el sistema Metasys. Este problema afecta: Johnson Controls Metasys versiones 11.0 y versiones anteriores"}], "lastModified": "2021-12-02T13:55:35.607", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:johnsoncontrols:metasys:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5F7AFA8-0BE3-4B4E-BECA-7A51700003CD", "versionEndIncluding": "11.0"}], "operator": "OR"}]}], "sourceIdentifier": "productsecurity@jci.com"}