3 matches found
CVE-2022-25650
A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.27, Mendix Applications using Mendix 8 All versions V8.18.14, Mendix Applications using Mendix 9 All versions V9.12.0, Mendix Applications using Mendix 9 V9.6 All versions V9.6.3. When querying the...
CVE-2022-25650
CVE-2022-25650 affects Mendix-based deployments of Siemens/Mendix: Project versions 7 (before 7.23.27), 8 (before 8.18.14), 9 (before 9.12.0), and 9.6 (before 9.6.3). The issue arises when querying the database and sorting on a protected field, enabling an authenticated attacker to extract inform...
Siemens Mendix
1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to extract information from a database protected field...