11 Nov 2023
Vulnérabilité CVE-2023-4804 CVE Vulnerability
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed. (CVSS:10.0) (Last Update:2023-11-10 23:15:08)
Vulnerability Details :
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.
Exploit prediction scoring system (EPSS) score for CVE-2023-4804
We don't have an EPSS score for this CVE yet EPSS FAQ
CVSS scores for CVE-2023-4804
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|
10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 | Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser. |
CWE ids for CVE-2023-4804
- The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.Assigned by: Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser. (Secondary)
References for CVE-2023-4804
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01 Johnson Controls Quantum HD Unity | CISA
- https://www.johnsoncontrols.com/cyber-solutions/security-advisories Product Security Advisories