{"containers":{"cna":{"affected":[{"product":"victor Web Client version 5.6 and prior","vendor":"Johnson Controls","versions":[{"lessThanOrEqual":"5.6","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"C•CURE Web Client version 2.90 and prior (Note - This does not affect the new web-based C•CURE 9000 client that was introduced in C•CURE 9000 v2.90)","vendor":"Johnson Controls","versions":[{"lessThanOrEqual":"2.90","status":"affected","version":"unspecified","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Joachim Kerschbaumer reported this vulnerability to Johnson Controls, Inc."}],"datePublic":"2020-11-19T00:00:00.000Z","descriptions":[{"lang":"en","value":"A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid authentication/authorization. Under certain circumstances, this could be used by an attacker to impact system availability by conducting a Denial of Service attack."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-285","description":"CWE-285 : Improper Access Control (Authorization)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-11-19T15:27:09.000Z","orgId":"7281d04a-a537-43df-bfb4-fa4110af9d01","shortName":"jci"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.johnsoncontrols.com/cyber-solutions/security-advisories"},{"name":"ICS-CERT Advisory","tags":["third-party-advisory","x_refsource_CERT"],"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"},{"tags":["x_refsource_MISC"],"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"}],"solutions":[{"lang":"en","value":"victor Web Client\n\n•\tvictor Web Client v5.6 and earlier – upgrade to v5.6 SP1 (victor Unified Client v5.6 SP1)\n\nRegistered users can obtain the software update by downloading the update found here: https://www.americandynamics.net/support/SoftwareDownloads.aspx.\n\nC•CURE Web Client\n\nC•CURE Web v2.60 and earlier - upgrade to a minimum of v2.70 and install the relevant update below.\n\n•\tC•CURE Web v2.70 - install the update WebClient_c2.70_5.2_Update02\n•\tC•CURE Web v2.80 - install the update WebClient_c2.80_v5.4.1_Update04\n•\tC•CURE Web v2.90 - install the update CCureWeb_2.90_Update01 \n\nRegistered users can obtain the software update by downloading the update found here: https://swhouse.com/Support/SoftwareDownloads.aspx."}],"source":{"discovery":"EXTERNAL"},"title":"victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"productsecurity@jci.com","DATE_PUBLIC":"2020-11-19T14:00:00.000Z","ID":"CVE-2020-9049","STATE":"PUBLIC","TITLE":"victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"victor Web Client version 5.6 and prior","version":{"version_data":[{"version_affected":"<=","version_value":"5.6"}]}},{"product_name":"C•CURE Web Client version 2.90 and prior (Note - This does not affect the new web-based C•CURE 9000 client that was introduced in C•CURE 9000 v2.90)","version":{"version_data":[{"version_affected":"<=","version_value":"2.90"}]}}]},"vendor_name":"Johnson Controls"}]}},"credit":[{"lang":"eng","value":"Joachim Kerschbaumer reported this vulnerability to Johnson Controls, Inc."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid authentication/authorization. Under certain circumstances, this could be used by an attacker to impact system availability by conducting a Denial of Service attack."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-285 : Improper Access Control (Authorization)"}]}]},"references":{"reference_data":[{"name":"https://www.johnsoncontrols.com/cyber-solutions/security-advisories","refsource":"CONFIRM","url":"https://www.johnsoncontrols.com/cyber-solutions/security-advisories"},{"name":"ICS-CERT Advisory","refsource":"CERT","url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"},{"name":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01","refsource":"MISC","url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"}]},"solution":[{"lang":"en","value":"victor Web Client\n\n•\tvictor Web Client v5.6 and earlier – upgrade to v5.6 SP1 (victor Unified Client v5.6 SP1)\n\nRegistered users can obtain the software update by downloading the update found here: https://www.americandynamics.net/support/SoftwareDownloads.aspx.\n\nC•CURE Web Client\n\nC•CURE Web v2.60 and earlier - upgrade to a minimum of v2.70 and install the relevant update below.\n\n•\tC•CURE Web v2.70 - install the update WebClient_c2.70_5.2_Update02\n•\tC•CURE Web v2.80 - install the update WebClient_c2.80_v5.4.1_Update04\n•\tC•CURE Web v2.90 - install the update CCureWeb_2.90_Update01 \n\nRegistered users can obtain the software update by downloading the update found here: https://swhouse.com/Support/SoftwareDownloads.aspx."}],"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T10:19:19.448Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.johnsoncontrols.com/cyber-solutions/security-advisories"},{"name":"ICS-CERT Advisory","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01"}]}]},"cveMetadata":{"assignerOrgId":"7281d04a-a537-43df-bfb4-fa4110af9d01","assignerShortName":"jci","cveId":"CVE-2020-9049","datePublished":"2020-11-19T15:27:09.782Z","dateReserved":"2020-02-18T00:00:00.000Z","dateUpdated":"2024-09-17T02:57:34.537Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}