Vulnerabilities > Johnsoncontrols > Metasys Extended Application AND Data Server > 12.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-07 | CVE-2022-21936 | Improper Authentication vulnerability in Johnsoncontrols Metasys Extended Application and Data Server 12.0 On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI. | 6.5 |