CVE-2021-36205

Summary

Under certain circumstances the session token is not cleared on logout.

Affected Software

VendorProductVersion RangeStatus
Johnson ControlsMetasysAll 10 versions < 10.1.5affected
Johnson ControlsMetasysAll 11 versions < 11.0.2affected

Weaknesses

  • CWE-459: CWE-459: Incomplete Cleanup

ADP Enrichment

CVE Program Container

Additional References

References