Johnsoncontrols Metsys — known CVE vulnerabilities
Every CVE whose affected-product data names Johnsoncontrols Metsys, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2014-5428 — CVSS 10.0 (critical): Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and…
CVE-2014-5427 — CVSS 5.0 (medium): Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX)…