484 matches found
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...
Siemens Mendix Runtime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Mendix Encryption Module Hardcoded Default Encryption Key Vulnerability
The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...
Vulnerabilities fixed in Siemens Products
Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDOM, SIMATIC, SINEMA, SIPROTEC and the Engineering Platforms for various systems. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...
CVE-2024-39888
A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...
CVE-2024-39888
CVE-2024-39888 affects Mendix Encryption versions 10.0.0 to 10.0.1, where a hard-coded default EncryptionKey enables decryption of encrypted project data if no per-project key is specified. Root cause: a security-relevant constant defined by default in the module. Consequences stated across sourc...
CVE-2024-39888
A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...
CVE-2024-39888
A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...
Siemens Mendix 安全漏洞
The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...
PT-2024-8753 · Mendix · Mendix Encryption
Name of the Vulnerable Software and Affected Versions: Mendix Encryption versions 10.0.0 through 10.0.1 Description: A vulnerability has been identified in the Mendix Encryption module, where affected versions define a specific hard-coded default value for the EncryptionKey constant. This default...
Siemens Mendix Encryption Module
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
The vulnerability of the Mendix software platform for deploying and testing software applications is related to deficiencies in access control, allowing attackers to enhance their privileges.
The vulnerability of the Mendix software deployment and application testing platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
Siemens Mendix Rights Management Error Vulnerability
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. A privilege management error vulnerability exists in Siemens Mendix, which can be exploited by an attacker with administrative role functionality to elevate the access...
CVE-2024-33500
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions = V9.3.0 V9.24.22. Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a targe...
CVE-2024-33500
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions = V9.3.0 V9.24.22. Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a targe...
CVE-2024-33500
CVE-2024-33500 affects Siemens Mendix Applications (Mendix 9: versions >=9.3.0 <9.24.22; 10: <10.11.0; 10.6:
CVE-2024-33500
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions = V9.3.0 V9.24.22. Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a targe...
Siemens Mendix 安全漏洞
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. A privilege management error vulnerability exists in Siemens Mendix, which can be exploited by an attacker with administrative role functionality to elevate the access...
Siemens Mendix Applications
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
The vulnerability of the Mendix software deployment and application testing platform, related to the ability to bypass authentication procedures, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information, or to enhance their privileges.
The vulnerability of the Mendix software deployment and application testing platform relates to the bypassing of authentication procedures. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information, or to enhanc...