Vulnerabilities > CVE-2022-45164 - Unspecified vulnerability in Archibus web Central 2022.03.01.107

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

archibus

NVD

Published: 2023-01-10

Updated: 2023-01-14

Summary

An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to cancel (delete) a booking, created by someone else - even if this basic user is not a member of the booking

Vulnerable Configurations

Part	Description	Count
Application	Archibus Archibus Archibus WEB Central 2022.03.01.107	1

References

https://excellium-services.com/cert-xlm-advisory/CVE-2022-45164/