484 matches found
CVE-2021-42025
A vulnerability has been identified in Mendix Applications using Mendix 8 All versions V8.18.13, Mendix Applications using Mendix 9 All versions V9.6.2. Applications built with affected versions of Mendix Studio Pro do not properly control write access for certain client actions. This could allow...
CVE-2021-42015
The CVE affects Mendix-based applications: Mendix 7 (all versions before 7.23.26), Mendix 8 (before 8.18.12), and Mendix 9 (before 9.6.1). Applications built with affected Mendix Studio Pro do not prevent file documents from being cached by a browser when opened or downloaded, enabling a local at...
CVE-2021-42015
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.26, Mendix Applications using Mendix 8 All versions V8.18.12, Mendix Applications using Mendix 9 All versions V9.6.1. Applications built with affected versions of Mendix Studio Pro do not prevent file...
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens, a German company that provides application development, testing, deployment and iteration. The platform provides application development, testing, deployment and iteration. Siemens Mendix contains a security vulnerability...
Siemens Mendix 安全漏洞
A security vulnerability exists in Siemens Mendix, a low-code application development platform from Siemens, Germany. The vulnerability stems from the fact that applications built with the affected version of Mendix Studio Pro do not prevent the caching of file documents when opening or downloadi...
Siemens Mendix Studio Pro
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix Studio Pro Vulnerabilities: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated attackers to manipulate the content of specific...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Use of Web Browser Cache Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to read cached documents by...
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens, a German company that provides application development, testing, deployment, and iteration capabilities. A security vulnerability in Siemens Mendix allows an authenticated attacker to retrieve the changedDate property of...
Siemens Mendix Access Check Bypass Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. A security vulnerability exists in Siemens Mendix, which can be exploited by an attacker to bypass write access checks on properties of the...
CVE-2021-33718
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.22, Mendix Applications using Mendix 8 All versions V8.18.7, Mendix Applications using Mendix 9 All versions V9.3.0. Write access checks of attributes of an object could be bypassed, if user has a write...
CVE-2021-33718
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.22, Mendix Applications using Mendix 8 All versions V8.18.7, Mendix Applications using Mendix 9 All versions V9.3.0. Write access checks of attributes of an object could be bypassed, if user has a write...
Design/Logic Flaw
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.22, Mendix Applications using Mendix 8 All versions V8.18.7, Mendix Applications using Mendix 9 All versions V9.3.0. Write access checks of attributes of an object could be bypassed, if user has a write...
CVE-2021-33718
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.22, Mendix Applications using Mendix 8 All versions V8.18.7, Mendix Applications using Mendix 9 All versions V9.3.0. Write access checks of attributes of an object could be bypassed, if user has a write...
CVE-2021-33718
CVE-2021-33718 affects Mendix-based applications across Mendix 7 (<7.23.22), 8 (<8.18.7), and 9 (
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. A security vulnerability exists in Siemens Mendix, which can be exploited by an attacker to bypass write access checks on properties of the...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Incorrect Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized users bypass write permissions to attributes of...
Siemens Mendix SAML Module Elevation of Privilege Vulnerability
The Mendix SAML Module allows authenticating users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An elevation of privilege vulnerability exists in the Siemens Mendix SAML Module. An authenticated, remote attacker coul...
CVE-2021-33712
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
CVE-2021-33712
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
Design/Logic Flaw
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...