The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVE-2024-50313

CVE-2024-50313 affects Siemens Mendix Runtime across multiple branches (V8, V9, V10, including V10.6/10.12/10.16 lines) where the basic authentication implementation has a race condition that could let unauthenticated remote actors bypass default account lockout. Affected versions include all V8 ...

Siemens Mendix Runtime 竞争条件问题漏洞

Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A competitive condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

CVE-2023-49069

The CVE relates to Mendix Runtime authentication: an observable response discrepancy when validating usernames in basic authentication allows unauthenticated remote attackers to distinguish valid vs invalid usernames. Affected versions include Mendix Runtime V8 (all versions < V8.18.33), V9 (&...

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

Siemens Mendix 安全漏洞

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...

Siemens Mendix Runtime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

PT-2023-9659 · Mendix · Mendix Runtime

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V10 versions prior to V10.17.0 Mendix Runtime V10.12 versions prior to V10.12.11 Mendix Runtime V10.6 versions prior to V10.6.19 Mendix Runtime V8 versions prior to V8.18.33 Mendix Runtime V9 versions prior to V9.24.31...

Siemens Mendix Runtime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

PT-2022-22172 · Mendix · Mendix

Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 9 versions 9.11 through 9.14 Mendix Applications using Mendix 9 version 9.12 versions prior to 9.12.3 Description: An expression injection vulnerability was discovered in the Workflow subsystem of Mendix...

Siemens Mendix Runtime Access Control Improper Vulnerability

Mendix is an application platform that enables mobile and web applications to be built and continuously improved at scale. a security vulnerability exists in Siemens Mendix Runtime that could be exploited by attackers to dump and manipulate sensitive data...

CVE-2022-24309

A vulnerability has been identified in Mendix Runtime V7 All versions V7.23.29, Mendix Runtime V8 All versions V8.18.16, Mendix Runtime V9 All versions V9.13 only with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False. If an entity has an association readable by the user, then in...

CVE-2022-24309

A vulnerability has been identified in Mendix Runtime V7 All versions V7.23.29, Mendix Runtime V8 All versions V8.18.16, Mendix Runtime V9 All versions V9.13 only with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False. If an entity has an association readable by the user, then in...

Siemens Mendix 安全漏洞

Mendix is an application platform that enables mobile and web applications to be built and continuously improved at scale. a security vulnerability exists in Siemens Mendix Runtime that could be exploited by attackers to dump and manipulate sensitive data...

PT-2022-16598 · Mendix · Mendix Runtime V8 +2

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V7 versions prior to 7.23.29 Mendix Runtime V8 versions prior to 8.18.16 Mendix Runtime V9 version 9.13 and earlier, with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False Description: A vulnerability has been...

PT-2012-1253 · Mendix · Mendix Runtime

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V8 versions Mendix Runtime V9 versions prior to V9.24.29 Mendix Runtime V10 versions prior to V10.16.0 Mendix Runtime V10.6 versions prior to V10.6.15 Mendix Runtime V10.12 versions prior to V10.12.7 Description: A race conditi...