CVE-2022-45167: Information disclosure in Archibus Web Central 2022.03.01.107
An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profile information of all connected users.
AI Analysis
Technical Summary
CVE-2022-45167 is a medium-severity information disclosure vulnerability in Archibus Web Central build 2022.03.01.107. Archibus Web Central is the web tier of the Archibus integrated workplace management system (IWMS), which organizations use to manage real estate, infrastructure and facilities. A service exposed by the application does not enforce authorization on the data it returns: any authenticated user, including one holding only a basic role, can retrieve the profile information of all connected users. The defect is a missing function-level (or object-level) access check, not an authentication bypass, and it is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The CVSS v3.1 base score is 4.3: network attack vector, low attack complexity, low privileges required (a basic account), no user interaction, and a low confidentiality impact with no integrity or availability impact, which corresponds to the vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. No exploits in the wild are reported and no patch or vendor advisory is linked in the record. The record names a single build and does not say whether earlier or later 2022.03 releases share the flaw, nor whether "connected users" means accounts currently logged in or every account in the system, so scope has to be confirmed against the deployed instance rather than inferred from the CVE text. Profile data in an IWMS could include usernames, roles, e-mail addresses, phone numbers and organisational assignment; an attacker who harvests it can map which accounts are privileged and use the result for targeted phishing or credential attacks against the application or the organisation's single sign-on.
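The defect described above, reduced to its essentials as an added example (this is not code from the advisory or from Archibus, whose implementation is not public): a profile service that authenticates the caller but never checks what that caller is allowed to read, beside a hardened version with a function-level check, an object-level check and field minimisation. The user table, role names and fields are constructed for illustration.

```python
# Added example, not code from the advisory or from Archibus: the access-control
# defect behind CWE-200 here, reduced to its essentials.  Users, roles and fields
# are constructed; a real system reads them from its session store / database.
from dataclasses import dataclass, asdict


@dataclass(frozen=True)
class Profile:
    username: str
    role: str
    email: str
    phone: str


# Constructed "connected users" table.
CONNECTED_USERS = {
    "alice": Profile("alice", "ADMIN", "alice@example.org", "+49 30 0000001"),
    "bob": Profile("bob", "BASIC", "bob@example.org", "+33 1 0000002"),
    "carol": Profile("carol", "FACILITIES", "carol@example.org", "+44 20 0000003"),
}


class Forbidden(Exception):
    """Raised when the caller may not receive the requested data."""


def _caller(caller: str) -> Profile:
    """Authentication only: resolve the caller's own record or refuse."""
    me = CONNECTED_USERS.get(caller)
    if me is None:
        raise Forbidden("not authenticated")
    return me


def list_profiles_vulnerable(caller: str) -> list[dict]:
    """Vulnerable pattern: the service knows WHO is calling but never asks WHAT
    that caller may read, so a BASIC account receives every connected user's
    full profile."""
    _caller(caller)
    return [asdict(p) for p in CONNECTED_USERS.values()]


def list_profiles_fixed(caller: str) -> list[dict]:
    """Hardened form, function-level check: only ADMIN may enumerate everyone;
    anyone else receives just their own record."""
    me = _caller(caller)
    if me.role == "ADMIN":
        return [asdict(p) for p in CONNECTED_USERS.values()]
    return [asdict(me)]


def get_profile_fixed(caller: str, target: str) -> dict:
    """Hardened form, object-level check plus data minimisation: the full
    record goes only to its owner or to an ADMIN; a basic user looking at a
    colleague gets a directory view with the contact fields stripped."""
    me = _caller(caller)
    other = CONNECTED_USERS.get(target)
    if other is None:
        raise KeyError(target)
    if me.role == "ADMIN" or me.username == other.username:
        return asdict(other)
    return {"username": other.username, "role": other.role}
```

Note that even the minimised directory view confirms that an account exists; if account existence itself is sensitive in your deployment, the per-object lookup should refuse unknown and unauthorised targets with the same response.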
Potential Impact
For European organizations running Archibus Web Central, the risk is to user privacy and to the internal security posture rather than to the integrity or availability of the system. A user directory with roles is reconnaissance material: an attacker who already holds one low-privilege account (a phished employee, a contractor, a shared facilities login) can identify administrators and facilities managers and target them with phishing or credential attacks, so the disclosure is a stepping stone towards privilege escalation or lateral movement rather than a compromise in itself. Profile records are personal data, and exposing them to users who have no need to see them may trigger GDPR obligations (breach assessment and possibly notification) for organisations subject to it. Facilities management and real estate firms, universities, government agencies and large enterprises in Europe that rely on Archibus are the likely targets, and the impact scales with what the profile holds: an instance that stores only display names is a minor leak, one that stores phone numbers, locations or reporting lines is a ready-made social-engineering list. Because exploitation requires a valid account, internal access controls, single sign-on with MFA and network segmentation reduce the exposure but do not remove it: a single compromised basic account is enough.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should first verify whether they run the affected Archibus Web Central build 2022.03.01.107; the record names only that build, so treat neighbouring 2022.03 releases as suspect until the vendor confirms otherwise, and ask the vendor for a fixed release or advisory, since none is linked in the record. Until a fix is installed: keep Web Central off the public internet and reachable only from trusted internal networks or VPN, with firewall rules and segmentation that limit which hosts can reach it; reduce the pool of accounts that can reach the service by removing dormant and shared logins and fronting the application with single sign-on and MFA, so that a leaked password alone is not enough; and review roles against least privilege so that basic access is granted only to people who need the application. The record does not name the vulnerable service, so identify it yourself: capture the requests a basic user's session makes, find the call that returns profile data, and test from a basic account whether it returns other users' records. If that service is not needed by basic users, block it for non-administrative sessions at the reverse proxy or WAF; a WAF rule has to match the exact path, and a blanket block will break the application, so test the rule against normal use first. Monitor access logs for a single account fetching many distinct profiles in a short window or calling a list-everyone form of the service, and alert on it. After patching, repeat the basic-user test to confirm the fix. Finally, run user awareness training, since the most likely follow-on attack is phishing built from the disclosed profile data.
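The log-monitoring step above needs a concrete rule. The following is an added example, not part of the advisory and not Archibus code: it parses Apache/Tomcat-style access log lines and flags accounts that behave like an enumerator, either by calling the list-everyone form of the service or by reading many distinct colleagues' profiles inside a short window. The path /archibus/profile-service, the user query parameter, the admin list and every log line are constructed assumptions; substitute the real service path once you have identified it.

```python
# Added example, not from the advisory or from Archibus.  Flags accounts that
# enumerate user profiles in web-server access logs.  PROFILE_PATH, the "user"
# query parameter, ADMINS and every log line below are constructed assumptions.
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import parse_qs, urlsplit

PROFILE_PATH = "/archibus/profile-service"  # hypothetical; use the real service path
ADMINS = {"alice"}                           # constructed: accounts allowed to list everyone
WINDOW = timedelta(minutes=5)                # sliding window for the distinct-target rule
MAX_DISTINCT_TARGETS = 5                     # other people's profiles read inside WINDOW

# Common/combined log format with the authenticated user in the third field.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line: str):
    """Return a dict for a well-formed access-log line, None otherwise."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["url"])
    return {
        "ip": m["ip"],
        "user": m["user"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "path": url.path,
        # None means the list-everyone form of the service was called.
        "target": parse_qs(url.query).get("user", [None])[0],
        "status": int(m["status"]),
    }


def find_enumerators(lines) -> dict:
    """Map each suspicious account to the reason it was flagged."""
    events = [e for e in map(parse_line, lines)
              if e and e["path"] == PROFILE_PATH and e["status"] == 200]
    by_user = defaultdict(list)
    for e in events:
        by_user[e["user"]].append(e)

    findings = {}
    for user, evs in by_user.items():
        if user in ADMINS:
            continue
        evs.sort(key=lambda e: e["ts"])
        # Rule 1: a non-admin called the list-everyone form at all.
        if any(e["target"] is None for e in evs):
            findings[user] = "non-admin requested the full profile list"
            continue
        # Rule 2: many distinct other users' profiles inside a sliding window.
        start = 0
        for end in range(len(evs)):
            while evs[end]["ts"] - evs[start]["ts"] > WINDOW:
                start += 1
            distinct = {e["target"] for e in evs[start:end + 1]} - {user}
            if len(distinct) >= MAX_DISTINCT_TARGETS:
                findings[user] = f"{len(distinct)} distinct profiles read within {WINDOW}"
                break
    return findings


SAMPLE_LOG = [  # constructed lines: admin listing, normal use, an enumerator, a basic user listing, noise
    '10.0.0.2 - alice [12/Nov/2022:09:58:10 +0100] "GET /archibus/profile-service HTTP/1.1" 200 9120',
    '10.0.0.3 - carol [12/Nov/2022:09:59:00 +0100] "GET /archibus/profile-service?user=carol HTTP/1.1" 200 512',
    '10.0.0.3 - carol [12/Nov/2022:10:03:00 +0100] "GET /archibus/profile-service?user=bob HTTP/1.1" 200 498',
    '10.0.0.5 - bob [12/Nov/2022:10:00:01 +0100] "GET /archibus/profile-service?user=alice HTTP/1.1" 200 540',
    '10.0.0.5 - bob [12/Nov/2022:10:00:15 +0100] "GET /archibus/profile-service?user=carol HTTP/1.1" 200 498',
    '10.0.0.5 - bob [12/Nov/2022:10:00:30 +0100] "GET /archibus/profile-service?user=dave HTTP/1.1" 200 501',
    '10.0.0.5 - bob [12/Nov/2022:10:00:45 +0100] "GET /archibus/profile-service?user=erin HTTP/1.1" 200 503',
    '10.0.0.5 - bob [12/Nov/2022:10:01:00 +0100] "GET /archibus/profile-service?user=frank HTTP/1.1" 200 497',
    '10.0.0.5 - bob [12/Nov/2022:10:01:20 +0100] "GET /archibus/profile-service?user=grace HTTP/1.1" 200 499',
    '10.0.0.7 - dave [12/Nov/2022:10:05:00 +0100] "GET /archibus/profile-service HTTP/1.1" 200 9120',
    '10.0.0.9 - erin [12/Nov/2022:10:06:00 +0100] "GET /archibus/index.html HTTP/1.1" 200 1000',
    '10.0.0.9 - erin [12/Nov/2022:10:06:05 +0100] "GET /archibus/profile-service HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for account, reason in find_enumerators(SAMPLE_LOG).items():
        print(f"ALERT {account}: {reason}")
```

The distinct-target rule only works when the requested identifier is visible in the logged URL; if the real service takes its parameters in a POST body, the same logic has to run on application-level logs instead of the web server's access log. Only 200 responses count, so the rule will go quiet once the fix or a WAF block is in place, which is also a quick way to confirm the block works.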
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-11-11T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6839d93e182aa0cae2b73017
Added to database: 5/30/2025, 4:13:50 PM
Last enriched: 7/8/2025, 3:56:46 PM
Last updated: 8/12/2025, 1:09:22 PM