Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-27665
PUBLISHED
More InfoOfficial Page
Assigner-jci
Assigner Org ID-7281d04a-a537-43df-bfb4-fa4110af9d01
View Known Exploited Vulnerability (KEV) details
Published At-11 Oct, 2021 | 15:26
Updated At-17 Sep, 2024 | 02:53
Rejected At-
▼CVE Numbering Authority (CNA)
exacqVision Server 32-bit

An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.

Affected Products
Vendor
Johnson Controls
Product
exacqVision Web Service
Versions
Affected
  • From 21.06.11.0 through 21.06.11.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-190CWE-190: Integer Overflow or Wraparound
Type: CWE
CWE ID: CWE-190
Description: CWE-190: Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade exacqVision Server 32-bit to version 21.09 or upgrade to exacqVision Server 64-bit Current users can obtain the critical software update from the Software Download location at: https://www.exacq.com/support/downloads.php

Configurations
Workarounds
Exploits
Credits
Tenable Research
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
x_refsource_CONFIRM
https://us-cert.gov/ics/advisories/icsa-21-280-03
third-party-advisory
x_refsource_CERT
Hyperlink: https://www.johnsoncontrols.com/cyber-solutions/security-advisories
Resource:
x_refsource_CONFIRM
Hyperlink: https://us-cert.gov/ics/advisories/icsa-21-280-03
Resource:
third-party-advisory
x_refsource_CERT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
x_refsource_CONFIRM
x_transferred
https://us-cert.gov/ics/advisories/icsa-21-280-03
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://www.johnsoncontrols.com/cyber-solutions/security-advisories
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://us-cert.gov/ics/advisories/icsa-21-280-03
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Details not found