467 matches found
Siemens Mendix SAML Module Elevation of Privilege Vulnerability
The Mendix SAML Module allows authenticating users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An elevation of privilege vulnerability exists in the Siemens Mendix SAML Module. An authenticated, remote attacker coul...
CVE-2021-33712
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
CVE-2021-33712
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
Design/Logic Flaw
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
CVE-2021-33712
The CVE-2021-33712 vulnerability affects the Mendix SAML Module (all versions before 2.1.2). Root cause: the SAML module’s configuration does not properly enforce restrictions/validations from the identity provider, enabling a remote authenticated attacker to escalate privileges. Affected product...
CVE-2021-33712
A vulnerability has been identified in Mendix SAML Module All versions V2.1.2. The configuration of the SAML module does not properly check various restrictions and validations imposed by an identity provider. This could allow a remote authenticated attacker to escalate privileges...
Siemens Mendix SAML Module
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate...
Mendix SAML 数据伪造问题漏洞
The Mendix SAML Module allows authenticating users in cloud applications using SAML. The module can communicate with any identity provider that supports SAML 2.0 or Shibboleth. An elevation of privilege vulnerability exists in the Siemens Mendix SAML Module. An authenticated, remote attacker coul...
CVE-2021-31339
A vulnerability has been identified in Mendix Excel Importer Module All versions V9.0.3. Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework...
CVE-2021-31341
Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module All versions prior to v7.0.1...
CVE-2021-31339
A vulnerability has been identified in Mendix Excel Importer Module All versions V9.0.3. Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework...
Design/Logic Flaw
Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module All versions prior to v7.0.1...
Design/Logic Flaw
A vulnerability has been identified in Mendix Excel Importer Module All versions V9.0.3. Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework...
CVE-2021-31341
CVE-2021-31341 affects Siemens Mendix Database Replication Module (all versions prior to 7.0.1). The vulnerability arises when uploading a table-mapping via a manipulated XML file, causing an exception that could disclose information about the application server and the XML framework in use. Impa...
CVE-2021-31339
CVE-2021-31339 affects the Mendix Excel Importer Module: all versions before 9.0.3 are vulnerable. Uploading a manipulated XML file can raise an exception that may disclose information about the application server and the XML framework. The issue is documented with CVSS v3 base score 4.3 (remote,...
CVE-2021-31341
Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module All versions prior to v7.0.1...
CVE-2021-31339
A vulnerability has been identified in Mendix Excel Importer Module All versions V9.0.3. Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework...
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment, and iteration. A security vulnerability exists in Siemens Mendix. The vulnerability stems from the system's use of XML file upload table mappings that...
Siemens Mendix 安全漏洞
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment, and iteration. A security vulnerability exists in Siemens Mendix. The vulnerability stems from a program upload operation of an XML file that results in ...
Siemens Mendix Excel Importer Module
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mendix, a subsidiary of Siemens Equipment: Mendix Excel Importer Module Vulnerability: Generation of Error Message Containing Sensitive Information 2. RISK EVALUATION Successful exploitation of this...