CVE-2022-32285

🗓️ 14 Jun 2022 09:22:19Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 47 Views

CVE-2022-32285: Mendix SAML Module XXE vulnerabilit

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-32285	14 Jun 202210:15	–	attackerkb
Circl	CVE-2022-32285	14 Jun 202214:19	–	circl
CNNVD	Siemens Mendix SAML Module 代码问题漏洞	14 Jun 202200:00	–	cnnvd
CNVD	Siemens Mendix SAML Module XML External Entity Reference Vulnerability	15 Jun 202200:00	–	cnvd
Cvelist	CVE-2022-32285	14 Jun 202209:22	–	cvelist
EUVD	EUVD-2022-53480	3 Oct 202520:07	–	euvd
ICS	Siemens Mendix SAML Module	14 Jun 202200:00	–	ics
NVD	CVE-2022-32285	14 Jun 202210:15	–	nvd
Prion	Xxe	14 Jun 202210:15	–	prion
RedhatCVE	CVE-2022-32285	23 May 202500:42	–	redhatcve

NVD

Node

mendix samlRange<1.16.6

mendix samlRange2.0.0–2.2.2

mendix samlRange3.0.0–3.2.3

[
  {
    "product": "Mendix SAML Module (Mendix 7 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.16.6"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 8 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2.2"
      }
    ]
  },
  {
    "product": "Mendix SAML Module (Mendix 9 compatible)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.2.3"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-740594.pdf

21 Nov 2024 07:06Current

7.2High risk

Vulners AI Score7.2

CVSS 24.3

CVSS 3.17.5

EPSS0.00423

CWE-611