Bentley Systems · Projectwise Integration Server · CVE-2024-53007
**Name of the Vulnerable Software and Affected Versions**
Bentley Systems ProjectWise Integration Server versions prior to 10.00.03.288
**Description**
The issue allows unintended SQL query execution by an authenticated user via an API call.
**Recommendations**
For versions prior to 10.00.03.288, update to version 10.00.03.288 or later to resolve the issue. As a temporary workaround, consider restricting access to the API endpoint to minimize the risk of exploitation.