Johnsoncontrols Exacqvision Web Service
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Johnsoncontrols Exacqvision Web Service.
By the Year
In 2026 there have been 0 vulnerabilities in Johnsoncontrols Exacqvision Web Service. Exacqvision Web Service did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 4 | 7.68 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 3 | 7.80 |
| 2020 | 1 | 6.80 |
It may take a day or so for new Exacqvision Web Service vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Johnsoncontrols Exacqvision Web Service Security Vulnerabilities
ExacqVision Web Service Exposes Auth Tokens in Traces
CVE-2024-32931
5.7 - Medium
- August 01, 2024
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
ExacqVision Web Services CORS misconfiguration allows cross-origin access
CVE-2024-32862
8.1 - High
- August 01, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
Incorrect Comparison
exacqVision Web Services HTTPS enforcement bypass
CVE-2024-32864
8.1 - High
- August 01, 2024
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
Cleartext Transmission of Sensitive Information
exacqVision Web Services CSRF Vulnerability
CVE-2024-32863
8.8 - High
- August 01, 2024
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
Session Riding
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
CVE-2021-27664
9.8 - Critical
- October 11, 2021
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
Improper Privilege Management
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output
CVE-2021-27659
6.1 - Medium
- June 24, 2021
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
XSS
A vulnerability in exacqVision Web Service 20.12.2.0 and prior could
CVE-2021-27656
7.5 - High
- March 18, 2021
A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system.
AuthZ
A vulnerability exists
CVE-2020-9047
6.8 - Medium
- June 26, 2020
A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.
Improper Verification of Cryptographic Signature
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Johnsoncontrols Exacqvision Web Service or by Johnsoncontrols? Click the Watch button to subscribe.
