Archibus Web Central

archibus_web_central

Vendor: Archibus • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-45167 1Archibus 1Archibus Web Central May 30, 2025 Jan 10, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profile information of all connected users.
CVE-2022-45166 1Archibus 1Archibus Web Central May 30, 2025 Jan 10, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned to the user. It allows a basic us...Show more An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned to the user. It allows a basic user to access data unrelated to their role.Show less
CVE-2022-45164 1Archibus 1Archibus Web Central May 30, 2025 Jan 10, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to cancel (delete) a booking, created by someone else - even if this basic user is not a member of...Show more An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to cancel (delete) a booking, created by someone else - even if this basic user is not a member of the bookingShow less