Every CVE whose affected-product data names Archibus Web Central, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-41553 — CVSS 9.8 (critical): In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/login.axvw assign a session token that could be…
CVE-2022-28862 — CVSS 9.8 (critical): In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr…
CVE-2021-41554 — CVSS 8.8 (high): ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these…
CVE-2022-45165 — CVSS 6.5 (medium): An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter…
CVE-2021-41555 — CVSS 6.1 (medium): In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS occurs in /archibus/dwr/call/plaincall/workflow.runWorkflowRule.dwr because…