Vulnerabilities > Johnsoncontrols > Kantech Entrapass > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-06 CVE-2021-36198 Exposure of Resource to Wrong Sphere vulnerability in Johnsoncontrols Kantech Entrapass
Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
network
low complexity
johnsoncontrols CWE-668
7.5
2020-05-26 CVE-2020-9046 Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
local
low complexity
johnsoncontrols CWE-269
7.8