CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

EUVD-2024-38290

Malicious code in bioql PyPI...

Siemens Mendix Encryption Module Hardcoded Default Encryption Key Vulnerability

The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVE-2024-39888

CVE-2024-39888 affects Mendix Encryption versions 10.0.0 to 10.0.1, where a hard-coded default EncryptionKey enables decryption of encrypted project data if no per-project key is specified. Root cause: a security-relevant constant defined by default in the module. Consequences stated across sourc...

PT-2024-8753 · Mendix · Mendix Encryption

Name of the Vulnerable Software and Affected Versions: Mendix Encryption versions 10.0.0 through 10.0.1 Description: A vulnerability has been identified in the Mendix Encryption module, where affected versions define a specific hard-coded default value for the EncryptionKey constant. This default...

Siemens Mendix Encryption Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...