CVE-2021-33718

Summary

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9 (All versions < V9.3.0). Write access checks of attributes of an object could be bypassed, if user has a write permissions to the first attribute of this object.

Affected Software

VendorProductVersion RangeStatus
SiemensMendix Applications using Mendix 7All versions < V7.23.22affected
SiemensMendix Applications using Mendix 8All versions < V8.18.7affected
SiemensMendix Applications using Mendix 9All versions < V9.3.0affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CVE Program Container

Additional References

References