CVE-2024-32862

Summary

Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.

Affected Software

VendorProductVersion RangeStatus
Johnson ControlsexacqVision0 <= 24.03affected

Weaknesses

  • CWE-942: CWE-942 Permissive Cross-domain Policy with Untrusted Domains

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References