Vulnerabilities > CVE-2022-45166 - Unspecified vulnerability in Archibus web Central 2022.03.01.107

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

archibus

NVD

Published: 2023-01-10

Updated: 2024-11-21

Summary

An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned to the user. It allows a basic user to access data unrelated to their role.

Vulnerable Configurations

Part	Description	Count
Application	Archibus Archibus Archibus WEB Central 2022.03.01.107	1

References

https://excellium-services.com/cert-xlm-advisory/CVE-2022-45166/
https://excellium-services.com/cert-xlm-advisory/CVE-2022-45166/