Lucene search

China National Vulnerability DatabaseCNVD-2023-86343

HistoryNov 15, 2023 - 12:00 a.m.

Siemens Mendix Authentication Bypass Vulnerability

2023-11-1500:00:00

China National Vulnerability Database

www.cnvd.org.cn

siemens

mendix

authentication

bypass

vulnerability

high-productivity

application platform

mobile

web applications

exploited

attacker

access

modify

authorization

elevate

privileges

vulnerable

cnvd

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

18.4%

JSON

Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. An authentication bypass vulnerability exists in Siemens Mendix, which can be exploited by an attacker to access or modify objects without proper authorization or to elevate privileges in a vulnerable application context.

CPENameOperatorVersion
siemens mendix applications using mendix 10lt10.4.0
siemens mendix applications using mendix 7lt7.23.37
siemens mendix applications using mendix 8lt8.18.27
siemens mendix applications using mendix 9lt9.24.10

Name	Operator	Version
siemens mendix applications using mendix 10	lt	10.4.0
siemens mendix applications using mendix 7	lt	7.23.37
siemens mendix applications using mendix 8	lt	8.18.27
siemens mendix applications using mendix 9	lt	9.24.10