OpenCVE

An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Johnsoncontrols	Edge G2 Edge G2 Firmware Istar Ultra Istar Ultra Firmware Istar Ultra G2 Istar Ultra G2 Firmware Istar Ultra Lt Istar Ultra Lt Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:johnsoncontrols:istar_ultra_firmware::::::::
	cpe:2.3:o:johnsoncontrols:istar_ultra_firmware:6.9.2:-::::::

cpe:2.3:h:johnsoncontrols:istar_ultra:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:johnsoncontrols:istar_ultra_lt_firmware::::::::
	cpe:2.3:o:johnsoncontrols:istar_ultra_lt_firmware:6.9.2:-::::::

cpe:2.3:h:johnsoncontrols:istar_ultra_lt:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:johnsoncontrols:istar_ultra_g2_firmware::::::::
	cpe:2.3:o:johnsoncontrols:istar_ultra_g2_firmware:6.9.2:-::::::

cpe:2.3:h:johnsoncontrols:istar_ultra_g2:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:johnsoncontrols:edge_g2_firmware::::::::
	cpe:2.3:o:johnsoncontrols:edge_g2_firmware:6.9.2:-::::::

cpe:2.3:h:johnsoncontrols:edge_g2:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

History

Tue, 22 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: jci

Published: 2023-07-11T21:06:29.003Z

Updated: 2024-10-22T20:31:09.969Z

Reserved: 2023-06-06T14:51:53.713Z

Link: CVE-2023-3127

Vulnrichment

Updated: 2024-08-02T06:48:07.288Z

NVD

Status : Modified

Published: 2023-07-11T22:15:09.907

Modified: 2024-11-21T08:16:31.063

Link: CVE-2023-3127

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3127", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "state": "PUBLISHED", "assignerShortName": "jci", "dateReserved": "2023-06-06T14:51:53.713Z", "datePublished": "2023-07-11T21:06:29.003Z", "dateUpdated": "2024-10-22T20:31:09.969Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "iSTAR Ultra", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThan": "6.9.2 CU01", "status": "affected", "version": ">6.8.6", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "iSTAR Ultra LT", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThan": "6.9.2 CU01", "status": "affected", "version": ">6.8.6", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "iSTAR Ultra G2", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThan": "6.9.2 CU01", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "iSTAR Edge G2", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThan": "6.9.2 CU01", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-07-11T21:03:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights."}], "value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-07-11T21:06:29.003Z"}, "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 firmware to version 6.9.2 CU01.<br><br>"}], "value": "Upgrade iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 firmware to version 6.9.2 CU01.\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Improper Authentication in iSTAR", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:48:07.288Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-22T20:30:47.341803Z", "id": "CVE-2023-3127", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T20:31:09.969Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:48:07.288Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3127", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-22T20:30:47.341803Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-22T20:31:05.922Z"}}], "cna": {"title": "Improper Authentication in iSTAR", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "product": "iSTAR Ultra", "versions": [{"status": "affected", "version": ">6.8.6", "lessThan": "6.9.2 CU01", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "product": "iSTAR Ultra LT", "versions": [{"status": "affected", "version": ">6.8.6", "lessThan": "6.9.2 CU01", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "product": "iSTAR Ultra G2", "versions": [{"status": "affected", "version": "0", "lessThan": "6.9.2 CU01", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "product": "iSTAR Edge G2", "versions": [{"status": "affected", "version": "0", "lessThan": "6.9.2 CU01", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 firmware to version 6.9.2 CU01.\n\n", "supportingMedia": [{"type": "text/html", "value": "Upgrade iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 firmware to version 6.9.2 CU01.<br><br>", "base64": false}]}], "datePublic": "2023-07-11T21:03:00.000Z", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.", "supportingMedia": [{"type": "text/html", "value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-07-11T21:06:29.003Z"}}}, "cveMetadata": {"cveId": "CVE-2023-3127", "state": "PUBLISHED", "dateUpdated": "2024-10-22T20:31:09.969Z", "dateReserved": "2023-06-06T14:51:53.713Z", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "datePublished": "2023-07-11T21:06:29.003Z", "assignerShortName": "jci"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C49B542F-166F-4385-B910-705064C5B109", "versionEndExcluding": "6.9.2", "versionStartIncluding": "6.8.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_firmware:6.9.2:-:*:*:*:*:*:*", "matchCriteriaId": "7AF26AC6-083F-4BB3-86AF-8730E2BFD397", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:istar_ultra:-:*:*:*:*:*:*:*", "matchCriteriaId": "F89B3465-8274-49E5-8290-1893B4C2AC07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_lt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9D2D8D5-A67D-45DD-A718-37C29D633931", "versionEndExcluding": "6.9.2", "versionStartIncluding": "6.8.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_lt_firmware:6.9.2:-:*:*:*:*:*:*", "matchCriteriaId": "5294AD55-D524-4E5A-ACEC-7685974A9415", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:istar_ultra_lt:-:*:*:*:*:*:*:*", "matchCriteriaId": "A759A7FA-5AEA-48D8-B40E-B0DA7223F0F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_g2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85B7CE5A-A2A1-4433-B85A-8B6255B3D657", "versionEndExcluding": "6.9.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:johnsoncontrols:istar_ultra_g2_firmware:6.9.2:-:*:*:*:*:*:*", "matchCriteriaId": "7A3A4BDF-12FE-43C9-8CD4-0CA764E08175", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:istar_ultra_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A148D700-5542-473A-B88F-849180658787", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:edge_g2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D26CC65-9CCF-41A5-BC1B-2AAFAF9393E1", "versionEndExcluding": "6.9.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:johnsoncontrols:edge_g2_firmware:6.9.2:-:*:*:*:*:*:*", "matchCriteriaId": "C629C7CF-4372-494D-8B1C-CC4795356E03", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:edge_g2:-:*:*:*:*:*:*:*", "matchCriteriaId": "95BBCCE7-3098-41B0-A388-53E3DA9A29B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights."}], "id": "CVE-2023-3127", "lastModified": "2024-11-21T08:16:31.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.3, "source": "productsecurity@jci.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-11T22:15:09.907", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02"}, {"source": "productsecurity@jci.com", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "productsecurity@jci.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}