CVE-2024-50313

🗓️ 12 Nov 2024 12:49:54Reported by siemensType

Mendix Runtime V10 and V9 basic authentication race condition vulnerabilit

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to circumvent existing security restrictions.	26 Nov 202400:00	–	bdu_fstec
Circl	CVE-2024-50313	12 Nov 202414:06	–	circl
CNNVD	Siemens Mendix Runtime 竞争条件问题漏洞	12 Nov 202400:00	–	cnnvd
CNVD	Siemens Mendix Competitive Condition Vulnerability	13 Nov 202400:00	–	cnvd
CVE	CVE-2024-50313	12 Nov 202412:49	–	cve
EUVD	EUVD-2024-44811	3 Oct 202520:07	–	euvd
ICS	Siemens Mendix Runtime	12 Nov 202400:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	12 Nov 202414:19	–	ncsc
NVD	CVE-2024-50313	12 Nov 202413:15	–	nvd
OSV	CVE-2024-50313	12 Nov 202413:15	–	osv

[
  {
    "vendor": "Siemens",
    "product": "Mendix Runtime V10",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V10.16.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix Runtime V10.12",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V10.12.7",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix Runtime V10.6",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V10.6.15",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix Runtime V8",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Mendix Runtime V9",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V9.24.29",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-914892.html

12 Aug 2025 11:16Current

CVSS 3.15.3

CVSS 46.9

EPSS0.00561

CWE-362