Lucene search
K

31 matches found

ATTACKERKB
ATTACKERKB
added 2022/06/14 10:15 a.m.3 views

CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...

7.5CVSS5.3AI score0.00953EPSS
Exploits0References2
Prion
Prion
added 2022/06/14 10:15 a.m.20 views

Cross site scripting

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...

4.3CVSS6.1AI score0.00545EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/14 9:22 a.m.27 views

CVE-2022-32286

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. In certain configurations SAML module is vulnerable to Cross Site Scripting X...

6.1AI score0.00545EPSS
Exploits0References1
CVE
CVE
added 2022/06/14 9:22 a.m.59 views

CVE-2022-32286

The CVE-2022-32286 entry concerns the Mendix SAML Module (Mendix 7 compatible: all versions < 1.16.6; Mendix 8 compatible: all versions < 2.2.2; Mendix 9 compatible: all versions

6.1CVSS5.9AI score0.00545EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/14 9:22 a.m.23 views

CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module Mendix 7 compatible All versions V1.16.6, Mendix SAML Module Mendix 8 compatible All versions V2.2.2, Mendix SAML Module Mendix 9 compatible All versions V3.2.3. The affected module is vulnerable to XML External Entity XXE attacks due to...

7.4AI score0.00953EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/09 12:0 a.m.8 views

Siemens Mendix SAML Module Elevation of Privilege Vulnerability

The Mendix SAML Module allows authenticating users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An elevation of privilege vulnerability exists in the Siemens Mendix SAML Module. An authenticated, remote attacker coul...

8.8CVSS6.9AI score0.00604EPSS
Exploits0References1
NVD
NVD
added 2021/06/08 8:15 p.m.26 views

CVE-2021-33712

A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...

8.8CVSS0.00604EPSS
Exploits0References1
OSV
OSV
added 2021/06/08 8:15 p.m.4 views

CVE-2021-33712

A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...

8.8CVSS5.7AI score0.00604EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/06/08 7:47 p.m.30 views

CVE-2021-33712

A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...

8.6AI score0.00604EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.9 views

Mendix SAML 数据伪造问题漏洞

The Mendix SAML Module allows authenticating users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An elevation of privilege vulnerability exists in the Siemens Mendix SAML Module. An authenticated, remote attacker coul...

8.8CVSS5.7AI score0.00604EPSS
Exploits0References4
ICS
ICS
added 2021/06/08 12:0 a.m.27 views

Siemens Mendix SAML Module

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate...

8.8CVSS8.8AI score0.00604EPSS
Exploits0References11
Rows per page
Query Builder