Johnsoncontrols C-cure_9000
2 CVEs affecting Johnsoncontrols C-cure_9000. Latest disclosed: 2022-10-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-27660 | High | 8.8 | 2021-07-01 | An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs. |
CVE-2021-36201 | Medium | 4.3 | 2022-10-11 | Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions. |