Vulnerabilities > Johnsoncontrols > Openblue Enterprise Manager Data Collector

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-2024 Improper Authentication vulnerability in Johnsoncontrols Openblue Enterprise Manager Data Collector
Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.
network
low complexity
johnsoncontrols CWE-287
7.5
2023-05-18 CVE-2023-2025 Exposure of Resource to Wrong Sphere vulnerability in Johnsoncontrols Openblue Enterprise Manager Data Collector
OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
network
low complexity
johnsoncontrols CWE-668
6.5