{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Metasys System", "vendor": "Johnson Controls", "versions": [{"lessThanOrEqual": "8.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "BCPro (BCM)", "vendor": "Johnson Controls", "versions": [{"lessThan": "3.0.2", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Dan Regalado of Zingbox reported this vulnerability to CISA."}], "datePublic": "2018-07-31T06:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.</p>"}], "value": "In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.\n\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-01-23T00:43:24.083Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02"}, {"name": "104937", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104937"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>Johnson Controls recommends the following mitigations:</p><ul><li>This issue was remediated in Metasys v8.1 (April, 2016). Users should upgrade to the latest product version (9.0). For Metasys information, contact your Metasys field service/sales representative.</li><li>This issue was remediated in the BCPro Workstation in BCPro v3.0 (October, 2017) and mitigated for the BACnet Router and Gateway in BCPro v3.0.2 (June, 2018). Users should upgrade to the latest product versions. For more BCPro information, contact your BCPro sales and support representative.</li></ul>\n\n<br>"}], "value": "\nJohnson Controls recommends the following mitigations:\n\n * This issue was remediated in Metasys v8.1 (April, 2016). Users should upgrade to the latest product version (9.0). For Metasys information, contact your Metasys field service/sales representative.\n * This issue was remediated in the BCPro Workstation in BCPro v3.0 (October, 2017) and mitigated for the BACnet Router and Gateway in BCPro v3.0.2 (June, 2018). Users should upgrade to the latest product versions. For more BCPro information, contact your BCPro sales and support representative.\n\n\n\n\n\n"}], "source": {"discovery": "EXTERNAL"}, "title": "Johnson Controls Metasys and BCPro Generation of Error Message Containing Sensitive Information", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>Additional information for Johnson Controls:</p><ul><li>Product security contact information, Building Automation System hardening, and security resources are located at our product security website <a target=\"_blank\" rel=\"nofollow\" href=\"http://www.johnsoncontrols.com/buildings/specialty-pages/product-security\">http://www.johnsoncontrols.com/buildings/specialty-pages/product-security</a></li><li>Contact information: Johnson Controls Global Product Security at <a target=\"_blank\" rel=\"nofollow\" href=\"http://mailto:productsecurity@jci.com/\">productsecurity@jci.com</a></li></ul>\n\n<br>"}], "value": "\nAdditional information for Johnson Controls:\n\n * Product security contact information, Building Automation System hardening, and security resources are located at our product security website http://www.johnsoncontrols.com/buildings/specialty-pages/product-security http://www.johnsoncontrols.com/buildings/specialty-pages/product-security \n * Contact information: Johnson Controls Global Product Security at productsecurity@jci.com http://mailto:productsecurity@jci.com/ \n\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2018-07-31T00:00:00", "ID": "CVE-2018-10624", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Metasys System", "version": {"version_data": [{"version_value": "Versions 8.0 and prior"}]}}, {"product_name": "BCPro (BCM)", "version": {"version_data": [{"version_value": "all versions prior to 3.0.2"}]}}]}, "vendor_name": "Johnson Controls"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "INFORMATION EXPOSURE THROUGH AN ERROR MESSAGE CWE-209"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02"}, {"name": "104937", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104937"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2018-10624", "datePublished": "2018-07-31T00:00:00", "dateReserved": "2018-05-01T00:00:00", "dateUpdated": "2024-01-23T00:43:24.083Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:johnsoncontrols:bcpro:*:*:*:*:*:*:*:*", "matchCriteriaId": "719BA35E-A882-4897-B402-0F111564C3E5", "versionEndExcluding": "3.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:johnsoncontrols:metasys_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "41A715BD-F19F-4AF4-A4A7-3A93E0C59AB8", "versionEndIncluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.\n\n"}, {"lang": "es", "value": "En Johnson Controls Metasys System en versiones 8.0 y anteriores y BCPro (BCM) en todas las versiones anteriores a la 3.0.2, esta vulnerabilidad resulta de un manejo de errores incorrecto en las comunicaciones HTTP con el servidor, lo que podr\u00eda permitir que un atacante obtenga informaci\u00f3n t\u00e9cnica."}], "id": "CVE-2018-10624", "lastModified": "2024-01-23T01:15:08.943", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-01T21:29:00.217", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104937"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-388"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-209"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{}