484 matches found

Positive Technologies
added 2023/04/11 12:0 a.m. · 4 views

PT-2023-21146 · Mendix · Mendix Forgot Password

Name of the Vulnerable Software and Affected Versions: Mendix Forgot Password Mendix 7 compatible versions prior to V3.7.1; Mendix Forgot Password Mendix 8 compatible versions prior to V4.1.1; Mendix Forgot Password Mendix 9 compatible versions prior to V5.1.1. Description: The affected versions of...

CVSS 5.3 · AI score 5.1 · EPSS 0.00458
Exploits 0 · References 3
CNNVD
added 2023/04/11 12:0 a.m. · 21 views

Siemens Mendix Security Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in the Siemens Mendix Forgot Password module. The vulnerability stems from the fact that the...

CVSS 5.3 · AI score 6.1 · EPSS 0.00458
Exploits 0 · References 3
NCSC
added 2023/04/11 12:0 a.m. · 75 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in, among others: TIA Portal, SIPROTEC, SICAM, SCALANCE, SIMATIC and Mendix. The vulnerabilities potentially enable a malicious party to launch attacks that could result in the following categories of damage: Denial-of-Service (DoS); Remote code execution; User...

CVSS 9.8 · AI score 8 · EPSS 0.3197
Exploits 7
BDU FSTEC
added 2023/03/17 12:0 a.m. · 3 views

The vulnerability of the Single Sign-On module in the application’s software platform for deployment and testing of software applications of Mendix allows a perpetrator to gain unauthorized access to the application.

The vulnerability of the Single Sign-On module for application SAML in the software platform for deployment and testing of software applications of Mendix is related to errors in the implementation of the authentication algorithm. Exploiting this vulnerability may allow a malicious actor to gain...

CVSS 9.4 · AI score 7.2 · EPSS 0.00581
Exploits 0 · References 2 · Affected Software 1
CNVD
added 2023/03/16 12:0 a.m. · 16 views

Siemens Mendix SAML Module Certification Bypass Vulnerability (CNVD-2023-17659)

The Mendix SAML Module allows the use of SAML to authenticate users in cloud applications. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An authentication bypass vulnerability exists in Siemens Mendix SAML Module, which stems from inadequate validatio...

CVSS 9.1 · AI score 3.3 · EPSS 0.00581
Exploits 0 · References 1
OSV
added 2023/03/14 10:15 a.m. · 3 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVSS 7.5 · AI score 7.1 · EPSS 0.00581
Exploits 0 · References 1
NVD
added 2023/03/14 10:15 a.m. · 11 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVSS 9.1 · AI score 9.4 · EPSS 0.00581
Exploits 0 · References 1
Prion
added 2023/03/14 10:15 a.m. · 22 views

Authentication flaw

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVSS 5 · AI score 8.1 · EPSS 0.00581
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/14 9:31 a.m. · 6 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVSS 9.1 · AI score 9.3 · EPSS 0.00581
Exploits 0 · References 1
Cvelist
added 2023/03/14 9:31 a.m. · 32 views

CVE-2023-25957

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.16.4 = V2.2.0 = V3.1.9 = V3.1.8 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass...

CVSS 9.1 · AI score 9.6 · EPSS 0.00581
Exploits 0 · References 1
CVE
added 2023/03/14 9:31 a.m. · 82 views

CVE-2023-25957

Summary: CVE-2023-25957 affects Mendix SAML modules across multiple tracks/versions (e.g., Mendix 7/8/9, various upgrade/new tracks). The core issue is that SAML assertions are insufficiently verified, enabling unauthenticated remote attackers to bypass authentication and access the application. ...

CVSS 9.1 · AI score 8.5 · EPSS 0.00581
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2023/03/14 12:0 a.m. · 4 views

Siemens Mendix SAML Module Authorization Issue Vulnerability

The Mendix SAML Module allows the use of SAML to authenticate users in cloud applications. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An authentication bypass vulnerability exists in Siemens Mendix SAML Module, which stems from inadequate validatio...

CVSS 9.1 · AI score 7 · EPSS 0.00581
Exploits 0 · References 2
ICS
added 2023/03/14 12:0 a.m. · 200 views

Siemens Mendix SAML Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 9.1 · AI score 9 · EPSS 0.00581
Exploits 0 · References 12
Positive Technologies
added 2023/03/14 12:0 a.m. · 3 views

PT-2023-3305 · Mendix · Mendix Saml

Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 7 compatible versions 1.16.4 through 1.18.0; Mendix SAML Mendix 8 compatible versions 2.2.0 through 2.4.0; Mendix SAML Mendix 9 latest compatible, New Track versions 3.1.9 through 3.6.1; Mendix SAML Mendix 9 latest compatible,...

CVSS 9.8 · AI score 9.6 · EPSS 0.00888
Exploits 0 · References 5
Positive Technologies
added 2023/03/14 12:0 a.m. · 3 views

PT-2023-1689 · Mendix · Mendix Saml

Name of the Vulnerable Software and Affected Versions: Mendix SAML Mendix 7 compatible versions 1.16.4 through 1.17.3; Mendix SAML Mendix 8 compatible versions 2.2.0 through 2.3.0; Mendix SAML Mendix 9 latest compatible, New Track versions 3.1.9 through 3.3.1; Mendix SAML Mendix 9 latest compatible,...

CVSS 9.1 · AI score 8.4 · EPSS 0.00581
Exploits 0 · References 3
NCSC
added 2023/03/14 12:0 a.m. · 16 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in, among others, SCALANCE, RuggedCom, SIMATIC, SIPROTEC and Mendix. The vulnerabilities potentially allow a malicious party to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS); Accessing sensitive data; Bypassing...

CVSS 10 · AI score 7.5 · EPSS 0.94921
Exploits 194
CISA
added 2023/02/16 12:0 a.m. · 25 views

CISA Releases Fifteen Industrial Control Systems Advisories

CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...

AI score 1.7
Exploits 0 · References 15
OSV
added 2023/02/14 11:15 a.m. · 3 views

CVE-2023-23835

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.34, Mendix Applications using Mendix 8 All versions V8.18.23, Mendix Applications using Mendix 9 All versions V9.22.0, Mendix Applications using Mendix 9 V9.12 All versions V9.12.10, Mendix Applications...

CVSS 7.5 · AI score 7 · EPSS 0.00498
Exploits 0 · References 1
NVD
added 2023/02/14 11:15 a.m. · 13 views

CVE-2023-23835

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.34, Mendix Applications using Mendix 8 All versions V8.18.23, Mendix Applications using Mendix 9 All versions V9.22.0, Mendix Applications using Mendix 9 V9.12 All versions V9.12.10, Mendix Applications...

CVSS 7.5 · AI score 6.4 · EPSS 0.00498
Exploits 0 · References 1
Prion
added 2023/02/14 11:15 a.m. · 14 views

Information disclosure

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.34, Mendix Applications using Mendix 8 All versions V8.18.23, Mendix Applications using Mendix 9 All versions V9.22.0, Mendix Applications using Mendix 9 V9.12 All versions V9.12.10, Mendix Applications...

CVSS 5 · AI score 7.4 · EPSS 0.00498
Exploits 0 · References 1 · Affected Software 1