CVE-2021-36198

HIGH

Johnsoncontrols Johnson Controls Kantech EntraPass <= 8.40 - Information Disclosure

Title source: llm

Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.

CVSS v3 8.3

EPSS 0.0020

EPSS Percentile 41.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CWE

CWE-200 CWE-668

Status published

johnsoncontrols/kantech_entrapass < 8.40

Published Dec 06, 2021

Tracked Since Feb 18, 2026