Описание
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03.
EPSS
Процентиль: 27%
0.00095
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-488
Связанные уязвимости
CVSS3: 9.1
github
почти 2 года назад
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.02.03 and Assetwise Information Integrity Server 23.00.04.04.
EPSS
Процентиль: 27%
0.00095
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-488