📦 Metasys Open Application Server
by Johnsoncontrols
🔍 What is Metasys Open Application Server?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This cross-site scripting (XSS) vulnerability in Johnson Controls Metasys building automation systems allows attackers to inject malicious scripts into the MUI Graphics web interface. When exploited, ...
This vulnerability in Johnson Controls Metasys building automation systems allows attackers to change passwords without verification. It affects Metasys ADS/ADX/OAS servers running vulnerable versions...
This vulnerability in Metasys building automation servers allows authenticated users to lock out other users or take over their accounts. It affects Metasys ADS/ADX/OAS servers version 10 before 10.1....
CVE-2021-36207 is a privilege escalation vulnerability in Johnson Controls Metasys ADS/ADX/OAS servers that allows authenticated users to elevate their privileges to administrator level. This affects ...
CVE-2021-36205 is an authentication bypass vulnerability in Johnson Controls Metasys products where session tokens are not properly cleared on logout. This allows attackers to reuse valid session toke...