484 matches found
PT-2023-9659 · Mendix · Mendix Runtime
Name of the Vulnerable Software and Affected Versions: Mendix Runtime V10 versions prior to V10.17.0 Mendix Runtime V10.12 versions prior to V10.12.11 Mendix Runtime V10.6 versions prior to V10.6.19 Mendix Runtime V8 versions prior to V8.18.33 Mendix Runtime V9 versions prior to V9.24.31...
Siemens Mendix Authentication Bypass Vulnerability
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. An authentication bypass vulnerability exists in Siemens Mendix, which can be exploited by an attacker to access or modify objects without proper authorization or to...
CVE-2023-45794
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions V10.4.0, Mendix Applications using Mendix 7 All versions V7.23.37, Mendix Applications using Mendix 8 All versions V8.18.27, Mendix Applications using Mendix 9 All versions V9.24.10. A capture-replay flaw in t...
CVE-2023-45794
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions V10.4.0, Mendix Applications using Mendix 7 All versions V7.23.37, Mendix Applications using Mendix 8 All versions V8.18.27, Mendix Applications using Mendix 9 All versions V9.24.10. A capture-replay flaw in t...
Authorization
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions V10.4.0, Mendix Applications using Mendix 7 All versions V7.23.37, Mendix Applications using Mendix 8 All versions V8.18.27, Mendix Applications using Mendix 9 All versions V9.24.10. A capture-replay flaw in t...
CVE-2023-45794
A vulnerability has been identified in Mendix Applications using Mendix 10 All versions V10.4.0, Mendix Applications using Mendix 7 All versions V7.23.37, Mendix Applications using Mendix 8 All versions V8.18.27, Mendix Applications using Mendix 9 All versions V9.24.10. A capture-replay flaw in t...
CVE-2023-45794
The CVE-2023-45794 issue affects Mendix Applications modernized on Mendix 7/8/9/10. A capture-replay flaw in the Mendix platform can, under app-specific preconditions related to model and access control, allow authenticated attackers to access or modify objects without proper authorization or to ...
Siemens Mendix Applications 安全漏洞
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. An authentication bypass vulnerability exists in Siemens Mendix, which can be exploited by an attacker to access or modify objects without proper authorization or to...
PT-2023-7001 · Mendix · Mendix
Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.37 Mendix Applications using Mendix 8 versions prior to 8.18.27 Mendix Applications using Mendix 9 versions prior to 9.24.10 Mendix Applications using Mendix 10 versions prior to 10.4....
Siemens Mendix Runtime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products including. SIMATIC, SINEC, SIPROTEC and RUGGEDCOM. The vulnerabilities allow a malicious party potentially able to launch attacks that could lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention o...
Siemens Mendix Studio Pro
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
The vulnerability of the Mendix software platform for deploying and testing software applications, related to lack of access control, allows a perpetrator to disclose protected information.
The vulnerability of the Mendix software deployment and application testing platform is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to disclose protected information through Xpath queries...
The vulnerability of the “Forgotten Password” function of the Mendix software platform for deploying and testing software applications, which allows a perpetrator to execute a brute-force attack.
The vulnerability of the “Forgotten Password” function in the Mendix software deployment and application testing platform is related to its non-persistent execution time. Exploiting this vulnerability allows a malicious actor to execute an attack using brute-force methods...
Siemens Mendix Forgot Password Module Household Enumeration Vulnerability
The Mendix Forgot Password module allows your users to register your application or reset their own passwords without administrator involvement. A vulnerability exists in the Siemens Mendix Forgot Password module that can be exploited by an attacker to determine if a user is valid, allowing a bru...
CVE-2023-43623
A vulnerability has been identified in Mendix Forgot Password Mendix 10 compatible All versions V5.4.0, Mendix Forgot Password Mendix 7 compatible All versions V3.7.3, Mendix Forgot Password Mendix 8 compatible All versions V4.1.3, Mendix Forgot Password Mendix 9 compatible All versions V5.4.0...
CVE-2023-43623
A vulnerability has been identified in Mendix Forgot Password Mendix 10 compatible All versions V5.4.0, Mendix Forgot Password Mendix 7 compatible All versions V3.7.3, Mendix Forgot Password Mendix 8 compatible All versions V4.1.3, Mendix Forgot Password Mendix 9 compatible All versions V5.4.0...
Default credentials
A vulnerability has been identified in Mendix Forgot Password Mendix 10 compatible All versions V5.4.0, Mendix Forgot Password Mendix 7 compatible All versions V3.7.3, Mendix Forgot Password Mendix 8 compatible All versions V4.1.3, Mendix Forgot Password Mendix 9 compatible All versions V5.4.0...
CVE-2023-43623
A vulnerability has been identified in Mendix Forgot Password Mendix 10 compatible All versions V5.4.0, Mendix Forgot Password Mendix 7 compatible All versions V3.7.3, Mendix Forgot Password Mendix 8 compatible All versions V4.1.3, Mendix Forgot Password Mendix 9 compatible All versions V5.4.0...
CVE-2023-43623
The CVE-2023-43623 vulnerability affects Siemens Mendix Forgot Password modules across multiple Mendix compatibility versions: 7 (<3.7.3), 8 (<4.1.3), 9 (<5.4.0), and 10 (