CVE-2025-31512

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20Building%20Access requestSubmit API call. The vendor has stated that the system is protected by updating to a version equal to or greater than one of the followin...

Alert Enterprise Guardian 安全漏洞

Alert Enterprise Guardian is a physical identity and access management system open-sourced by Alert Enterprise in the United States. A security vulnerability exists in Alert Enterprise Guardian version 4.1.14.2.2.1, which originates from elevation to administrator privileges via the IsAdminApprov...

CVE-2025-31511

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user ID in a Request%20Building%20Access requestSubmit API call. The vendor has stated that the system is protected by updating to a version equal to or greater than one of the...

PT-2025-30453 · Alertenterprise · Alertenterprise Guardian

Name of the Vulnerable Software and Affected Versions: AlertEnterprise Guardian version 4.1.14.2.2.1 Description: An issue allows for privilege escalation to administrator privileges via manipulation of the IsAdminApprover parameter within a Request Building Access request submitted through the...