CVE-2021-42015
N/A
N/A
Summary
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). Applications built with affected versions of Mendix Studio Pro do not prevent file documents from being cached when files are opened or downloaded using a browser. This could allow a local attacker to read those documents by exploring the browser cache.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Mendix Applications using Mendix 7 | All versions < V7.23.26 | affected |
| Siemens | Mendix Applications using Mendix 8 | All versions < V8.18.12 | affected |
| Siemens | Mendix Applications using Mendix 9 | All versions < V9.6.1 | affected |
Weaknesses
- CWE-525: CWE-525: Use of Web Browser Cache Containing Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.