Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bentley Systems iTwin Platform exposed access token
Vulnerability Description
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete assets.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
通过源代码导致的信息暴露
Vulnerability Title
Bentley Systems iTwin Platform 安全漏洞
Vulnerability Description
Bentley Systems iTwin Platform是Bentley Systems公司的一个数字孪生云平台,支持基础设施数据建模与全生命周期管理。 Bentley Systems iTwin Platform存在安全漏洞,该漏洞源于Web页面源代码中暴露访问令牌,可能导致资产枚举或删除。
CVSS Information
N/A
Vulnerability Type
N/A