CVE-2021-41554

HIGH

ARCHIBUS Web Central 21.3.3.815 - Authenticated Missing Authorization in Administrative Endpoints

Title source: llm
STIX 2.1

Description

ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw, /archibus/schema/ab-core/views/process-navigator/ab-my-user-profile.axvw. By not verifying the permissions for access to resources, it allows a potential attacker to view pages that are not allowed. Specifically, it was found that any authenticated user can reach the administrative console for user management by directly requesting access to the page via URL. This allows a malicious user to modify all users' profiles, to elevate any privileges to administrative ones, or to create or delete any type of user. It is also possible to modify the emails of other users, through a misconfiguration of the username parameter, on the user profile page. This is fixed in all recent versions, such as version 26. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Version 21.3 was officially de-supported by the end of 2020

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.gruppotim.it/redteam

Scores

CVSS v3 8.8
EPSS 0.0085
EPSS Percentile 53.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (1)
archibus/web_central 21.3.3.815
Published Oct 05, 2021
Tracked Since Feb 18, 2026