CVE-2024-27455 Information

Description

In the Bentley ALIM Web application certain configuration settings can cause exposure of a user’s ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.02.03 and Assetwise Information Integrity Server 23.00.04.04.

Reference

https://www.bentley.com/advisories/be-2024-0001/