VYPR
Unrated severityNVD Advisory· Published Nov 12, 2024· Updated Aug 27, 2025

CVE-2024-50313

CVE-2024-50313

Description

A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.7 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions < V10.6.15 only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions < V9.24.29 only if the basic authentication mechanism is used by the application). The basic authentication implementation of affected applications contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Mendix/Runtimellm-create
    Range: V10 < 10.16.0, V10.12 < 10.12.7, V10.6 < 10.6.15, V9 < 9.24.29, V8 all
  • 0+ 4 more
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.