Lucene search

SiemensCVELIST:CVE-2022-45936

HistoryDec 13, 2022 - 12:00 a.m.

CVE-2022-45936

2022-12-1300:00:00

CWE-284

siemens

www.cve.org

mendix

email connector

vulnerability

access control

remote attackers

sensitive information

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.4%

JSON

A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "Mendix Email Connector",
    "versions": [
      {
        "version": "All versions < V2.0.0",
        "status": "affected"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-224632.pdf