VYPR
Unrated severityNVD Advisory· Published Apr 12, 2022· Updated Aug 3, 2024

CVE-2022-27241

CVE-2022-27241

Description

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information.

Affected products

5
  • Mendix/Mendixllm-fuzzy
    Range: < V7.23.31, < V8.18.18, < V9.11, < V9.6.12
  • Siemens/Mendix Applications using Mendix 7v5
    Range: All versions < V7.23.31
  • Siemens/Mendix Applications using Mendix 8v5
    Range: All versions < V8.18.18
  • Siemens/Mendix Applications using Mendix 9v5
    Range: All versions < V9.11
  • Siemens/Mendix Applications using Mendix 9 (V9.6)v5
    Range: All versions < V9.6.12

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.