All the vulnerabilites related to Johnson Controls - Quantum HD Unity Compressor
cve-2023-4804
Vulnerability from cvelistv5
Published
2023-11-10 22:17
Modified
2024-08-02 07:38
Severity ?
EPSS score ?
Summary
Quantum HD Unity
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "tags": [ "x_transferred" ], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Quantum HD Unity Compressor", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.22", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.22", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Quantum HD Unity AcuAir", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.12", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.12", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Quantum HD Unity Condenser/Vessel", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.11", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.11", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Quantum HD Unity Evaporator", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.11", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.11", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Quantum HD Unity Engine Room", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.11", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.11", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Quantum HD Unity Interface", "vendor": "Johnson Controls", "versions": [ { "lessThan": "11.11", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "12.11", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jim Reprogle" } ], "datePublic": "2023-11-10T22:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An\u0026nbsp;unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed." } ], "value": "An\u00a0unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed." } ], "impacts": [ { "capecId": "CAPEC-212", "descriptions": [ { "lang": "en", "value": "CAPEC-212 Functionality Misuse" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-489", "description": "CWE-489: Active Debug Code", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-10T22:17:55.249Z", "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci" }, "references": [ { "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" }, { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update all Quantum HD Unity Compressor control panels to firmware version 11.22 (Q5) or 12.22 (Q6).\u003cbr\u003e" } ], "value": "Update all Quantum HD Unity Compressor control panels to firmware version 11.22 (Q5) or 12.22 (Q6).\n" }, { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update all Quantum HD Unity AcuAir control panels to firmware version 11.12 (Q5) or 12.12 (Q6).\u003cbr\u003e" } ], "value": "Update all Quantum HD Unity AcuAir control panels to firmware version 11.12 (Q5) or 12.12 (Q6).\n" }, { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update all Quantum HD Unity Condenser/Vessel control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\u003cbr\u003e" } ], "value": "Update all Quantum HD Unity Condenser/Vessel control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n" }, { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\nUpdate all Quantum HD Unity Evaporator control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\u003cbr\u003e" } ], "value": "\nUpdate all Quantum HD Unity Evaporator control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\n" }, { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\nUpdate all Quantum HD Unity Engine Room control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\u003cbr\u003e" } ], "value": "\nUpdate all Quantum HD Unity Engine Room control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\n" }, { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\nUpdate all Quantum HD Unity Interface control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\u003cbr\u003e" } ], "value": "\nUpdate all Quantum HD Unity Interface control panels to firmware version 11.11 (Q5) or 12.11 (Q6).\n\n\n" } ], "source": { "discovery": "EXTERNAL" }, "title": "Quantum HD Unity", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "assignerShortName": "jci", "cveId": "CVE-2023-4804", "datePublished": "2023-11-10T22:17:55.249Z", "dateReserved": "2023-09-06T15:44:07.459Z", "dateUpdated": "2024-08-02T07:38:00.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }