Lucene search
K

57 matches found

NVD
NVD
added 2023/03/14 10:15 a.m.29 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

9.1CVSS9.4AI score0.00581EPSS
Exploits0References1
OSV
OSV
added 2023/03/14 10:15 a.m.5 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

7.5CVSS7.1AI score0.00581EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/14 9:31 a.m.7 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

9.1CVSS9.3AI score0.00581EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.7 views

PT-2023-3305 · Mendix · Mendix Saml

Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 7 compatible versions 1.16.4 through 1.18.0 Mendix SAML Mendix 8 compatible versions 2.2.0 through 2.4.0 Mendix SAML Mendix 9 latest compatible, New Track versions 3.1.9 through 3.6.1 Mendix SAML Mendix 9 latest compatible,...

9.8CVSS9.6AI score0.00888EPSS
Exploits0References5
ICS
ICS
added 2023/03/14 12:0 a.m.201 views

Siemens Mendix SAML Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

9.1CVSS9AI score0.00581EPSS
Exploits0References12
The Hacker News
The Hacker News
added 2023/01/16 10:47 a.m.65 views

CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released several Industrial Control Systems ICS advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio...

10CVSS1.3AI score0.01236EPSS
Exploits0
CISA
CISA
added 2023/01/12 12:0 a.m.17 views

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.8AI score
Exploits0References12
OSV
OSV
added 2023/01/10 12:15 p.m.8 views

CVE-2022-46823

A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...

6.1CVSS5.6AI score0.0047EPSS
Exploits0References1
NVD
NVD
added 2023/01/10 12:15 p.m.34 views

CVE-2022-46823

A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...

9.3CVSS8.4AI score0.0047EPSS
Exploits0References1
Prion
Prion
added 2023/01/10 12:15 p.m.21 views

Cross site scripting

A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...

5.8CVSS5.8AI score0.0047EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 11:39 a.m.6 views

CVE-2022-46823

A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...

9.3CVSS5.5AI score0.0047EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/10 11:39 a.m.42 views

CVE-2022-46823

A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...

9.3CVSS8.3AI score0.0047EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.7 views

PT-2023-1146 · Mendix · Mendix Saml

Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 8 compatible versions 2.3.0 through 2.3.3 Mendix SAML Mendix 9 compatible, New Track versions 3.3.0 through 3.3.8 Mendix SAML Mendix 9 compatible, Upgrade Track versions 3.3.0 through 3.3.7 Description: The affected module ...

9.4CVSS6.4AI score0.0047EPSS
Exploits0References5
NVD
NVD
added 2022/11/08 11:15 a.m.16 views

CVE-2022-44457

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...

9.8CVSS0.007EPSS
Exploits0References1
OSV
OSV
added 2022/11/08 11:15 a.m.3 views

CVE-2022-44457

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...

9.8CVSS5.7AI score0.007EPSS
Exploits0References1
Prion
Prion
added 2022/11/08 11:15 a.m.16 views

Default configuration

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...

7.5CVSS9.4AI score0.01046EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/08 12:0 a.m.8 views

CVE-2022-44457

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...

6.8AI score0.007EPSS
Exploits0References1
CVE
CVE
added 2022/11/08 12:0 a.m.58 views

CVE-2022-44457

CVE-2022-44457 affects Mendix SAML modules across Mendix 7/8/9 tracks. The issue arises when the non-default configuration option Allow Idp Initiated Authentication is enabled, yielding insufficient protection against packet capture replay. The record notes this as an incomplete fix for CVE-2022-...

9.8CVSS9.3AI score0.007EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/08 12:0 a.m.18 views

CVE-2022-44457

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...

9.7AI score0.007EPSS
Exploits0References1
NVD
NVD
added 2022/09/13 10:15 a.m.16 views

CVE-2022-37011

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions V1.17.0, Mendix SAML Mendix 8 compatible All versions V2.3.0, Mendix SAML Mendix 9 compatible, New Track All versions V3.3.1, Mendix SAML Mendix 9 compatible, Upgrade Track All versions V3.3.0. Affected versions o...

9.8CVSS0.01046EPSS
Exploits0References1
Rows per page
Query Builder