Unrated severityNVD Advisory· Published May 6, 2022· Updated Sep 16, 2024
Metasys Unverified Password Change
CVE-2022-21934
Description
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <10.1.5 (10.x) and <11.0.2 (11.x)
- Range: All 10 versions
Patches
Vulnerability mechanics
References
2- www.cisa.gov/uscert/ics/advisories/icsa-22-125-01mitrethird-party-advisoryx_refsource_CERT
- www.johnsoncontrols.com/cyber-solutions/security-advisoriesmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.