CVE-2022-25650

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.27, Mendix Applications using Mendix 8 All versions V8.18.14, Mendix Applications using Mendix 9 All versions V9.12.0, Mendix Applications using Mendix 9 V9.6 All versions V9.6.3. When querying the...

Information disclosure

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.31, Mendix Applications using Mendix 8 All versions V8.18.18, Mendix Applications using Mendix 9 All versions V9.11, Mendix Applications using Mendix 9 V9.6 All versions V9.6.12. Applications built with a...

Design/Logic Flaw

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.27, Mendix Applications using Mendix 8 All versions V8.18.14, Mendix Applications using Mendix 9 All versions V9.12.0, Mendix Applications using Mendix 9 V9.6 All versions V9.6.3. When querying the...

CVE-2022-27241

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.31, Mendix Applications using Mendix 8 All versions V8.18.18, Mendix Applications using Mendix 9 All versions V9.11, Mendix Applications using Mendix 9 V9.6 All versions V9.6.12. Applications built with a...

CVE-2022-27241

Mendix CVE-2022-27241 affects Mendix applications built on versions: 7 (all < 7.23.31), 8 (all < 8.18.18), 9 (all < 9.11), and 9.6 (all

CVE-2022-25650

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.27, Mendix Applications using Mendix 8 All versions V8.18.14, Mendix Applications using Mendix 9 All versions V9.12.0, Mendix Applications using Mendix 9 V9.6 All versions V9.6.3. When querying the...

CVE-2022-25650

CVE-2022-25650 affects Mendix-based deployments of Siemens/Mendix: Project versions 7 (before 7.23.27), 8 (before 8.18.14), 9 (before 9.12.0), and 9.6 (before 9.6.3). The issue arises when querying the database and sorting on a protected field, enabling an authenticated attacker to extract inform...

Siemens Mendix 信息泄露漏洞

Mendix is a highly productive application platform. Siemens Mendix is vulnerable to an information disclosure vulnerability that could be exploited by attackers to read sensitive information...

Siemens Mendix 安全漏洞

Mendix is a high-productivity application platform that enables you to build and continuously improve mobile and large-scale Web applications. Siemens Mendix is vulnerable to an access control error that could be exploited by an attacker to extract information about the content of protected field...

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

PT-2022-3547 · Mendix · Mendix

Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.27 Mendix Applications using Mendix 8 versions prior to 8.18.14 Mendix Applications using Mendix 9 versions prior to 9.12.0 Mendix Applications using Mendix 9 V9.6 versions prior to...

Siemens Mendix

1. EXECUTIVE SUMMARY CVSS v3 3.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to extract information from a database protected field...

Siemens Mendix Runtime Access Control Improper Vulnerability

Mendix is an application platform that enables mobile and web applications to be built and continuously improved at scale. a security vulnerability exists in Siemens Mendix Runtime that could be exploited by attackers to dump and manipulate sensitive data...

Siemens Mendix Forgot Password Appstore module存在未明漏洞

Forgot Password module allows users to register applications or reset their own passwords without the need for administrator involvement...

siemens Mendix Forgot Password Appstore module access control impropriety vulnerability (CNVD-2022-17796)

Forgot Password module allows users to register applications or reset their own passwords without administrator involvement. siemens Mendix Forgot Password Appstore module contains a security vulnerability that could be exploited by an attacker to hijack any user account using the registration fl...

Siemens Mendix incorrect access control vulnerability

Siemens Mendix is a low-code application development platform from Siemens, Germany. The platform provides application development, testing, deployment, and iteration capabilities. Siemens Mendix contains a security vulnerability that could be exploited by an attacker to retrieve information abou...

CVE-2022-24309

A vulnerability has been identified in Mendix Runtime V7 All versions V7.23.29, Mendix Runtime V8 All versions V8.18.16, Mendix Runtime V9 All versions V9.13 only with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False. If an entity has an association readable by the user, then in...

CVE-2022-26314

A vulnerability has been identified in Mendix Forgot Password Appstore module All versions = V3.3.0 V3.5.1, Mendix Forgot Password Appstore module Mendix 7 compatible All versions V3.2.2. Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to...

CVE-2022-26317

A vulnerability has been identified in Mendix Applications using Mendix 7 All versions V7.23.29. When returning the result of a completed Microflow execution call the affected framework does not correctly verify, if the request was initially made by the user requesting the result. Together with...

CVE-2022-24309

A vulnerability has been identified in Mendix Runtime V7 All versions V7.23.29, Mendix Runtime V8 All versions V8.18.16, Mendix Runtime V9 All versions V9.13 only with Runtime Custom Setting DataStorage.UseNewQueryHandler set to False. If an entity has an association readable by the user, then in...