Software House C-cure 9000 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-32861	1 Johnsoncontrols	1 Software House C-cure 9000	2025-07-21	7.8 High
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.
CVE-2024-0912	1 Johnsoncontrols	1 Software House C-cure 9000 Siteserver	2024-11-21	4.2 Medium
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions

Page 1 of 1.