Vulnerabilities (CVE)

Filtered by vendor Johnsoncontrols Subscribe
Filtered by product Istar Ultra
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-3127 1 Johnsoncontrols 8 Edge G2, Edge G2 Firmware, Istar Ultra and 5 more 2024-02-04 N/A 9.8 CRITICAL
An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.
CVE-2022-21941 1 Johnsoncontrols 2 Istar Ultra, Istar Ultra Firmware 2024-02-04 N/A 9.8 CRITICAL
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system.