CVE-2021-42015

🗓️ 09 Nov 2021 11:32:14Reported by siemensType

Security vulnerability in Mendix Applications allowing local attacker to read cached file documents

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-42015	9 Nov 202114:30	–	circl
CNNVD	Siemens Mendix 安全漏洞	9 Nov 202100:00	–	cnnvd
CNVD	Siemens Mendix Information Disclosure Vulnerability	11 Nov 202100:00	–	cnvd
Cvelist	CVE-2021-42015	9 Nov 202111:32	–	cvelist
EUVD	EUVD-2021-29003	3 Oct 202520:07	–	euvd
ICS	Siemens Mendix	9 Nov 202100:00	–	ics
NCSC	Vulnerabilities fixed in Siemens Mendix	12 Nov 202100:00	–	ncsc
NVD	CVE-2021-42015	9 Nov 202112:15	–	nvd
OSV	CVE-2021-42015	9 Nov 202112:15	–	osv
Prion	Input validation	9 Nov 202112:15	–	prion

NVD

Node

mendix mendixRange<7.23.26

mendix mendixRange8.0.0–8.18.12

mendix mendixRange9.0.0–9.6.1

[
  {
    "product": "Mendix Applications using Mendix 7",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V7.23.26"
      }
    ]
  },
  {
    "product": "Mendix Applications using Mendix 8",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V8.18.12"
      }
    ]
  },
  {
    "product": "Mendix Applications using Mendix 9",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V9.6.1"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-338732.pdf

21 Nov 2024 06:27Current

5.1Medium risk

Vulners AI Score5.1

CVSS 21.9

CVSS 3.15.5

EPSS0.00125

CWE-525