Vulnerabilities > Johnsoncontrols > Metasys Reporting Engine > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-19 CVE-2020-9050 Path Traversal vulnerability in Johnsoncontrols Metasys Reporting Engine 2.0/2.1
Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.
network
low complexity
johnsoncontrols CWE-22
7.5