57 matches found
CVE-2023-25957
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...
CVE-2023-25957
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...
CVE-2023-25957
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...
PT-2023-3305 · Mendix · Mendix Saml
Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 7 compatible versions 1.16.4 through 1.18.0 Mendix SAML Mendix 8 compatible versions 2.2.0 through 2.4.0 Mendix SAML Mendix 9 latest compatible, New Track versions 3.1.9 through 3.6.1 Mendix SAML Mendix 9 latest compatible,...
Siemens Mendix SAML Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers
The U.S. Cybersecurity and Infrastructure Security Agency CISA has released several Industrial Control Systems ICS advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio...
CISA Releases Twelve Industrial Control Systems Advisories
CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
Cross site scripting
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting XSS attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
PT-2023-1146 · Mendix · Mendix Saml
Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 8 compatible versions 2.3.0 through 2.3.3 Mendix SAML Mendix 9 compatible, New Track versions 3.3.0 through 3.3.8 Mendix SAML Mendix 9 compatible, Upgrade Track versions 3.3.0 through 3.3.7 Description: The affected module ...
CVE-2022-44457
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...
CVE-2022-44457
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...
Default configuration
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...
CVE-2022-44457
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...
CVE-2022-44457
CVE-2022-44457 affects Mendix SAML modules across Mendix 7/8/9 tracks. The issue arises when the non-default configuration option Allow Idp Initiated Authentication is enabled, yielding insufficient protection against packet capture replay. The record notes this as an incomplete fix for CVE-2022-...
CVE-2022-44457
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.0 = V2.3.0 = V3.3.1 = V3.3.0 V3.3.4. Affected versions of the module insufficiently protect from packet capture replay, only when the not recommended, non default configuration option 'Allow Idp Initiated...
CVE-2022-37011
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions V1.17.0, Mendix SAML Mendix 8 compatible All versions V2.3.0, Mendix SAML Mendix 9 compatible, New Track All versions V3.3.1, Mendix SAML Mendix 9 compatible, Upgrade Track All versions V3.3.0. Affected versions o...