CVE-2023-51708

HIGH

Bentley eB System Management Console <23.00.02.03 - Info Disclosure

Title source: llm

Description

Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.

References (1)

[Vendor Advisory] https://www.bentley.com/advisories/be-2023-0002/

Scores

CVSS v3 8.6

EPSS 0.0030

EPSS Percentile 52.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Classification

CWE

CWE-287

Status published

Affected Products (2)

bentley/assetwise_alim_for_transportation < 23.00.01.25

bentley/eb_system_management_console < 23.00.02.03

Timeline

Published Dec 22, 2023

Tracked Since Feb 18, 2026