VYPR
Vendor

Johnsoncontrols

Products
4
CVEs
8
Across products
9
Status
Private

Products

4

Recent CVEs

8
  • CVE-2026-20188NonMay 6, 2026
    risk 0.00cvss 0.0epss 0.00

    Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident…

  • CVE-2025-20123Jan 8, 2025
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system. These vulnerabilities exist…

  • CVE-2024-20478Aug 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a…

  • CVE-2023-20011Feb 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack…

  • CVE-2014-5428Mar 29, 2015
    risk 0.00cvss epss 0.04

    Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE)…

  • CVE-2014-5427Mar 29, 2015
    risk 0.00cvss epss 0.01

    Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote…

  • CVE-2012-4026Jul 16, 2012
    risk 0.00cvss epss 0.01

    The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607.

  • CVE-2012-2607Jul 16, 2012
    risk 0.00cvss epss 0.02

    The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port).