17 matches found
CVE-2024-27455
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
CVE-2024-27455
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03...
Code injection
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.02.03 and Assetwise Information Integrity Server 23.00.04.04...
CVE-2024-27455
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03...
CVE-2024-27455
The CVE-2024-27455 issue affects Bentley Assetwise ALIM Web and Assetwise Information Integrity Server. A configuration-related flaw can cause exposure of a user’s ALIM session token when downloading files. Affected versions are Assetwise ALIM Web prior to 23.00.04.04 and Assetwise Information In...
Bentley Assetwise ALIM Web Security Vulnerability
Bentley AssetWise ALIM Web is a Bentley web-based application for managing asset and infrastructure lifecycles. A security vulnerability exists in Bentley Assetwise ALIM Web versions prior to 23.00.02.03 and Assetwise Information Integrity Server versions prior to 23.00.04.04, which stems from th...
CVE-2024-27455
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03...
PT-2024-21908 · Bentley · Assetwise Information Integrity Server +1
Name of the Vulnerable Software and Affected Versions: Assetwise ALIM Web versions prior to 23.00.04.04 Assetwise Information Integrity Server versions prior to 23.00.02.03 Description: The issue arises in the Bentley ALIM Web application when certain configuration settings cause exposure of a...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
Information disclosure
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
CVE-2023-51708
Summary: CVE-2023-51708 affects Bentley eB System Management Console (Assetwise Integrity Information Server). An unauthenticated user can view configuration options via a crafted request, causing information disclosure. Affected versions are eB System Management Console prior to 23.00.02.03 and ...
CVE-2023-51708
Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For...
PT-2023-31886 · Unknown · Eb System Management Console +1
Name of the Vulnerable Software and Affected Versions: eB System Management Console versions prior to 23.00.02.03 Assetwise ALIM For Transportation versions prior to 23.00.01.25 Description: The issue allows an unauthenticated user to view configuration options via a crafted request, leading to...