484 matches found
Siemens Mendix LDAP Injection Vulnerability
Mendix LDAP is a client-side implementation of the Lightweight Directory Access Protocol LDAP that allows your application to communicate with an LDAP server, such as the local Microsoft Active Directory AD. An injection vulnerability exists in Siemens Mendix LDAP, which can be exploited by an...
Siemens Mendix 注入漏洞
Mendix LDAP is a client-side implementation of the Lightweight Directory Access Protocol LDAP that allows your application to communicate with an LDAP server, such as the local Microsoft Active Directory AD. An injection vulnerability exists in Siemens Mendix LDAP, which can be exploited by an...
Siemens Mendix LDAP
SUMMARY The Mendix LDAP module is affected by an LDAP injection vulnerability that could allow an unauthenticated remote attacker to bypass username verification. Siemens has released a new version for Mendix LDAP and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a...
The vulnerability of Siemens Mendix Encryption, related to the use of pre-installed data, allows a intruder to gain unauthorized access to protected information.
The vulnerability of Siemens Mendix Encryption lies in the use of pre-installed data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to circumvent existing security restrictions.
The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to circumvent existing security restrictions remotely...
Siemens Mendix Competitive Condition Vulnerability
Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A competitive condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...
The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDCOM, SCALANCE, SIMATIC and SINEC. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Cross-Site Scripting XSS. -...
CVE-2024-50313
A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...
CVE-2024-50313
A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...
CVE-2024-50313
A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...
CVE-2024-50313
A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...
CVE-2024-50313
CVE-2024-50313 affects Siemens Mendix Runtime across multiple branches (V8, V9, V10, including V10.6/10.12/10.16 lines) where the basic authentication implementation has a race condition that could let unauthenticated remote actors bypass default account lockout. Affected versions include all V8 ...
Siemens Mendix Runtime 竞争条件问题漏洞
Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A competitive condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...
Siemens Mendix Runtime Information Disclosure Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Mendix, SICAM, SIMATIC, SINEMA, SINUMERIK and Tecnomatix. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of dat...
CVE-2023-49069
A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...
CVE-2023-49069
A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...
CVE-2023-49069
The CVE relates to Mendix Runtime authentication: an observable response discrepancy when validating usernames in basic authentication allows unauthenticated remote attackers to distinguish valid vs invalid usernames. Affected versions include Mendix Runtime V8 (all versions < V8.18.33), V9 (&...
CVE-2023-49069
A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...