5 matches found
CVE-2022-37011
The supplied documents do not include technical details about CVE-2022-37011. Monitor official advisories and vendor pages for updates.
CVE-2022-32286
The CVE-2022-32286 entry concerns the Mendix SAML Module (Mendix 7 compatible: all versions < 1.16.6; Mendix 8 compatible: all versions < 2.2.2; Mendix 9 compatible: all versions
CVE-2022-44457
CVE-2022-44457 affects Mendix SAML modules across the Mendix 7/8/9 tracks. The issue arises when the non-default configuration option "Allow Idp Initiated Authentication" is enabled, which results in insufficient protection against packet capture replay. The record notes this as an incomplete fix for CVE-2022-...
CVE-2022-32285
The CVE-2022-32285 vulnerability affects the Mendix SAML Module (Mendix 7 compatible: all versions < v1.16.6; Mendix 8 compatible: all versions < v2.2.2; Mendix 9 compatible: all versions
CVE-2021-33712
The CVE-2021-33712 vulnerability affects the Mendix SAML Module (all versions before 2.1.2). Root cause: the SAML module’s configuration does not properly enforce restrictions/validations from the identity provider, enabling a remote authenticated attacker to escalate privileges. Affected product...