CVE-2022-27241
N/A
N/A
Summary
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Mendix Applications using Mendix 7 | All versions < V7.23.31 | affected |
| Siemens | Mendix Applications using Mendix 8 | All versions < V8.18.18 | affected |
| Siemens | Mendix Applications using Mendix 9 | All versions < V9.11 | affected |
| Siemens | Mendix Applications using Mendix 9 (V9.6) | All versions < V9.6.12 | affected |
Weaknesses
- CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.