Description
OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
Published: 2023-05-18
Score: 5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

Vendor Solution

Update all OpenBlue Enterprise Manager Data Collector firmware to version 3.2.5.75.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-33552 OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
History

Wed, 12 Feb 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Johnsoncontrols Openblue Enterprise Manager Data Collector
cve-icon MITRE

Status: PUBLISHED

Assigner: jci

Published:

Updated: 2025-02-12T16:27:48.194Z

Reserved: 2023-04-13T15:11:24.430Z

Link: CVE-2023-2025

cve-icon Vulnrichment

Updated: 2024-08-02T06:12:19.939Z

cve-icon NVD

Status : Modified

Published: 2023-05-18T21:15:09.757

Modified: 2024-11-21T07:57:47.043

Link: CVE-2023-2025

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses