CVE-2024-53007

MEDIUM

Bentley Systems ProjectWise Integration Server <10.00.03.288 - SQL ...

Title source: llm

Description

Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call.

References (1)

Scores

CVSS v3 6.4
EPSS 0.0004
EPSS Percentile 10.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

Classification

CWE
CWE-648
Status draft

Timeline

Published Jan 31, 2025
Tracked Since Feb 18, 2026