Vulnerabilities > Archibus > WEB Central > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2022-45165 SQL Injection vulnerability in Archibus web Central 2022.03.01.107
An issue was discovered in Archibus Web Central 2022.03.01.107.
network
low complexity
archibus CWE-89
8.8
8.8
2021-10-05 CVE-2021-41554 Missing Authorization vulnerability in Archibus web Central 21.3.3.815
ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw, /archibus/schema/ab-core/views/process-navigator/ab-my-user-profile.axvw.
network
low complexity
archibus CWE-862
8.8
8.8