Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bentley Assetwise ALIM Web 安全漏洞
Vulnerability Description
Bentley AssetWise ALIM Web是Bentley公司的一个基于Web的应用程序,用于管理资产和基础设施生命周期。 Bentley Assetwise ALIM Web 23.00.02.03之前版本和Assetwise Information Integrity Server 23.00.04.04之前版本存在安全漏洞,该漏洞源于当用户尝试下载文件时,某些配置设置可能会导致用户的ALIM会话令牌暴露。
CVSS Information
N/A
Vulnerability Type
N/A