QwikSec

Security Database

CVE

CWE

Training

CVE-2024-0912

Published: Jun 5, 2024

Modified: Aug 1, 2024

PUBLISHED

Description

Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions

Vendor	Product	Versions
Johnson Controls	Software House C•CURE 9000	affected `0 - <= 2.90`

Weaknesses (CWE)

References

https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2024-0912 - Security Vulnerability | QwikSec