CVE-2022-31257
CVE-2022-31257
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jul 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords.
Produtos afetados
Siemens · Mendix Applications using Mendix 7Siemens · Mendix Applications using Mendix 8Siemens · Mendix Applications using Mendix 9Siemens · Mendix Applications using Mendix 9 (V9.12)Siemens · Mendix Applications using Mendix 9 (V9.6)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →