Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal (SMP).
References
Link | Resource |
---|---|
https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdf | Vendor Advisory |
https://www.us-cert.gov/ics/advisories/icsa-19-227-01 | Mitigation Third Party Advisory US Government Resource |
https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdf | Vendor Advisory |
https://www.us-cert.gov/ics/advisories/icsa-19-227-01 | Mitigation Third Party Advisory US Government Resource |
Configurations
History
21 Nov 2024, 04:48
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 6.8 |
References | () https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdf - Vendor Advisory | |
References | () https://www.us-cert.gov/ics/advisories/icsa-19-227-01 - Mitigation, Third Party Advisory, US Government Resource |
Information
Published : 2019-08-20 19:15
Updated : 2024-11-21 04:48
NVD link : CVE-2019-7593
Mitre link : CVE-2019-7593
CVE.ORG link : CVE-2019-7593
JSON object : View
Products Affected
johnsoncontrols
- metasys_system