Vulnerabilities > CVE-2021-27656 - Missing Authorization vulnerability in Johnsoncontrols Exacqvision web Service

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
johnsoncontrols
CWE-862

Summary

A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system.

Vulnerable Configurations

Part Description Count
Application
Johnsoncontrols
1

Common Weakness Enumeration (CWE)