CVE-2014-5427
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2014-5427
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read password hashes via a POST request.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Johnson Controls Metasys 信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Johnson Controls Metasys是美国江森自控(Johnson Controls)公司的一套楼宇自控系统。该系统支持通过多种开放协议或标准接口与消防、安防等弱电子系统联网,以及通过IT手段与企业ERP、机场航班等信息系统无缝集成。 多款Johnson Controls产品中使用的Johnson Controls Metasys 4.1版本至6.5版本中存在安全漏洞。远程攻击者可通过发送POST请求利用该漏洞获取哈希密码。以下产品受到影响:Application and Data Serve
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2014-5427
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2014-5427
Please Login to view more intelligence information
- https://ics-cert.us-cert.gov/advisories/ICSA-14-350-02x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2014-5427
Same Patch Batch · n/a · 2015-03-29 · 12 CVEs total
| CVE-2013-7437 | potrace 数字错误漏洞 | |
| CVE-2013-7438 | pbm212030 缓冲区溢出漏洞 | |
| CVE-2015-2785 | Byzanz GIF编码器基于堆的缓冲区溢出漏洞 | |
| CVE-2015-2786 | MyBB 安全漏洞 | |
| CVE-2014-5428 | Johnson Controls Metasys 代码注入漏洞 | |
| CVE-2014-9205 | MICROSYS PROMOTIC 基于栈的缓冲区溢出漏洞 | |
| CVE-2015-0528 | EMC Isilon OneFS RPC守护进程权限许可和访问控制漏洞 | |
| CVE-2015-0996 | Schneider Electric InduSoft Web Studio和InTouch Machine Edition 信息泄露漏洞 | |
| CVE-2015-0997 | Schneider Electric InduSoft Web Studio和InTouch Machine Edition 信息泄露漏洞 | |
| CVE-2015-0998 | Schneider Electric InduSoft Web Studio和InTouch Machine Edition 信息泄露漏洞 | |
| CVE-2015-0999 | Schneider Electric InduSoft Web Studio和InTouch Machine Edition 信息泄露漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo
V. Comments for CVE-2014-5427
No comments yet