exploitDog

CVE-2023-51708

Опубликовано: 22 дек. 2023

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.

Ссылки

https://www.bentley.com/advisories/be-2023-0002/
Vendor Advisory
https://www.bentley.com/advisories/be-2023-0002/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bentley:assetwise_alim_for_transportation:*:*:*:*:*:*:*:*

Версия до 23.00.01.25 (исключая)

cpe:2.3:a:bentley:eb_system_management_console:*:*:*:*:*:*:*:*

Версия до 23.00.02.03 (исключая)

EPSS

Процентиль: 53%

0.00299

Низкий

8.6 High

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-xgc4-wqm7-7qrj

CVSS3: 8.6

github

около 2 лет назад

Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.

EPSS

Процентиль: 53%

0.00299

Низкий

8.6 High

CVSS3

Дефекты

CWE-287