Lucene search

CVE-2023-25957

🗓️ 14 Mar 2023 10:28:15Reported by siemensType

CVE-2023-25957 Mendix SAML module allows unauthenticated remote attackers to bypass authenticatio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
vulnrichment	CVE-2023-25957	14 Mar 202309:31	–	vulnrichment
vulnrichment	CVE-2023-29129	13 Jun 202308:17	–	vulnrichment
cnvd	Siemens Mendix SAML Module Certification Bypass Vulnerability (CNVD-2023-17659)	16 Mar 202300:00	–	cnvd
nvd	CVE-2023-25957	14 Mar 202310:15	–	nvd
nvd	CVE-2023-29129	13 Jun 202309:15	–	nvd
prion	Authentication flaw	14 Mar 202310:15	–	prion
prion	Authentication flaw	13 Jun 202309:15	–	prion
cvelist	CVE-2023-25957	14 Mar 202309:31	–	cvelist
cvelist	CVE-2023-29129	13 Jun 202308:17	–	cvelist
cve	CVE-2023-29129	13 Jun 202309:15	–	cve

Nvd

Node

mendix samlRange1.16.4–1.17.2mendix

mendix samlRange2.2.0–2.2.3mendix

mendix samlRange3.1.9–3.2.5mendix

[
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 7 compatible)",
    "versions": [
      {
        "version": "All versions >= V1.16.4 < V1.17.3",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 8 compatible)",
    "versions": [
      {
        "version": "All versions >= V2.2.0 < V2.3.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 9 latest compatible, New Track)",
    "versions": [
      {
        "version": "All versions >= V3.1.9 < V3.3.1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 9 latest compatible, Upgrade Track)",
    "versions": [
      {
        "version": "All versions >= V3.1.8 < V3.3.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 9.6 compatible, New Track)",
    "versions": [
      {
        "version": "All versions >= V3.1.9 < V3.2.7",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix SAML (Mendix 9.6 compatible, Upgrade Track)",
    "versions": [
      {
        "version": "All versions >= V3.1.8 < V3.2.6",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-851884.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Mar 2023 10:15Current

8.5High risk

Vulners AI Score8.5

CVSS37.5 - 9.1

EPSS0.00031

SSVC