Vulnerabilities > Johnsoncontrols > Exacqvision WEB Service > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-11 CVE-2021-27664 Improper Privilege Management vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
network
low complexity
johnsoncontrols CWE-269
critical
9.8