Vulnerabilities > CVE-2023-4804 - Unspecified vulnerability in Johnsoncontrols products

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2023-11-10

Updated: 2023-11-16

Summary

An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.

Part	Description	Count
OS	Johnsoncontrols Johnsoncontrols Quantum HD Unity Compressor Firmware 11.00 Johnsoncontrols Quantum HD Unity Compressor Firmware 12.00 Johnsoncontrols Quantum HD Unity Acuair Firmware 11.00 Johnsoncontrols Quantum HD Unity Acuair Firmware 12.00 Johnsoncontrols Quantum HD Unity Condenser/Vessel Firmware 11.00 Johnsoncontrols Quantum HD Unity Condenser/Vessel Firmware 12.00 Johnsoncontrols Quantum HD Unity Evaporator Firmware 11.00 Johnsoncontrols Quantum HD Unity Evaporator Firmware 12.00 Johnsoncontrols Quantum HD Unity Engine Room Firmware 11.00 Johnsoncontrols Quantum HD Unity Engine Room Firmware 12.00 Johnsoncontrols Quantum HD Unity Interface Firmware 11.00 Johnsoncontrols Quantum HD Unity Interface Firmware 12.00	12
Hardware	Johnsoncontrols Johnsoncontrols Quantum HD Unity Compressor - Johnsoncontrols Quantum HD Unity Acuair - Johnsoncontrols Quantum HD Unity Condenser/Vessel - Johnsoncontrols Quantum HD Unity Evaporator - Johnsoncontrols Quantum HD Unity Engine Room - Johnsoncontrols Quantum HD Unity Interface -	6