CVE-2022-21941 - Vulnerability Details - OpenCVE

Description

All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system.

Published: 2022-08-31

Score: 10 Critical

EPSS: 19.7% Moderate

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Johnson Controls

iSTAR Ultra

affected

Version	Status	Constraints
`all versions prior to 6.8.9.CU01`	affected	< 6.8.9.CU01

Configuration 1 [-]

AND

cpe:2.3:o:johnsoncontrols:istar_ultra_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:johnsoncontrols:istar_ultra:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Upgrade iSTAR Ultra firmware to version 6.8.9.CU01. The firmware can be downloaded here: https://www.swhouse.com/Support/SoftwareDownloads.aspx

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.1974.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

History

No history.

Subscriptions

Johnsoncontrols Istar Ultra Istar Ultra Firmware

MITRE

Status: PUBLISHED

Assigner: jci

Published: 2022-08-31T15:59:33.979Z

Updated: 2024-09-17T01:51:30.183Z

Reserved: 2021-12-15T00:00:00.000Z

Link: CVE-2022-21941

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-31T16:15:10.167

Modified: 2024-11-21T06:45:45.180

Link: CVE-2022-21941

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-77

{"containers": {"cna": {"affected": [{"product": "iSTAR Ultra", "vendor": "Johnson Controls", "versions": [{"lessThan": "6.8.9.CU01", "status": "affected", "version": "all versions prior to 6.8.9.CU01", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Khoa Hoang"}], "datePublic": "2022-08-30T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-09T14:40:06.000Z", "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11"}], "solutions": [{"lang": "en", "value": "Upgrade iSTAR Ultra firmware to version 6.8.9.CU01. The firmware can be downloaded here: https://www.swhouse.com/Support/SoftwareDownloads.aspx"}], "source": {"discovery": "EXTERNAL"}, "title": "iSTAR Ultra", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productsecurity@jci.com", "DATE_PUBLIC": "2022-08-30T19:27:00.000Z", "ID": "CVE-2022-21941", "STATE": "PUBLIC", "TITLE": "iSTAR Ultra"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iSTAR Ultra", "version": {"version_data": [{"version_affected": "<", "version_name": "all versions prior to 6.8.9.CU01", "version_value": "6.8.9.CU01"}]}}]}, "vendor_name": "Johnson Controls"}]}}, "credit": [{"lang": "eng", "value": "Khoa Hoang"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "refsource": "CONFIRM", "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "refsource": "CERT", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11"}]}, "solution": [{"lang": "en", "value": "Upgrade iSTAR Ultra firmware to version 6.8.9.CU01. The firmware can be downloaded here: https://www.swhouse.com/Support/SoftwareDownloads.aspx"}], "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:00:53.847Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"name": "ICS-CERT Advisory", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11"}]}]}, "cveMetadata": {"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "assignerShortName": "jci", "cveId": "CVE-2022-21941", "datePublished": "2022-08-31T15:59:33.979Z", "dateReserved": "2021-12-15T00:00:00.000Z", "dateUpdated": "2024-09-17T01:51:30.183Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "88348352-6AD6-4AB5-86AB-2DF3585AECDB", "versionEndExcluding": "6.8.9.cu01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:istar_ultra:-:*:*:*:*:*:*:*", "matchCriteriaId": "F89B3465-8274-49E5-8290-1893B4C2AC07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system."}, {"lang": "es", "value": "Todas las versiones de iSTAR Ultra anteriores a la versi\u00f3n 6.8.9.CU01 son vulnerables a una inyecci\u00f3n de comandos que podr\u00eda permitir a un usuario no autentificado el acceso a la ra\u00edz del sistema"}], "id": "CVE-2022-21941", "lastModified": "2024-11-21T06:45:45.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "productsecurity@jci.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-31T16:15:10.167", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11"}, {"source": "productsecurity@jci.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "productsecurity@jci.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}