High severity7.5NVD Advisory· Published Feb 19, 2021· Updated Jun 17, 2026
CVE-2020-9050
CVE-2020-9050
Description
Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Johnson Controls/Metasys Reporting Engine (MRE) Web Services versions 2.0 and 2.1v5Range: 2.0
Patches
Vulnerability mechanics
References
2- www.johnsoncontrols.com/cyber-solutions/security-advisoriesnvdVendor Advisory
- www.us-cert.gov/ics/advisories/icsa-21-049-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.