Unauthenticated Information Disclosure in Bentley eB System Management Console

Unauthenticated Information Disclosure in Bentley eB System Management Console

CVE-2023-51708 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.

Learn more about our Cis Benchmark Audit For Server Software.