Known vulnerabilities in Johnson Controls Metasys Open Application Server (OAS) 11

Vendor: Johnson Controls

Website: https://www.johnsoncontrols.com/

Total Security Bulletins: 4

Security bulletins (4)

Secuity bulletin	Severity	Status	Published
SB2023011325: Insufficiently protected credentials in Johnson Controls Metasys	High	Patched	13.01.2023
SB2022072507: Missing Authentication for Critical Function in Johnson Controls Metasys ADS, ADX, OAS	Medium	Patched	25.07.2022
SB2022041903: Multiple vulnerabilities in Johnson Controls Metasys ADS/ADX/OAS Servers	High	Patched	19.04.2022
SB2022032110: Remote code execution in Johnson Controls Metasys ADS/ADX/OAS Servers	Medium	Patched	21.03.2022