exploitDog

CVE-2022-45936

Опубликовано: 13 дек. 2022

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-224632.pdf
Patch
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-224632.pdf
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:mendix_email_connector:*:*:*:*:*:*:*:*

Версия до 2.0.0 (исключая)

EPSS

Процентиль: 43%

0.00207

Низкий

8.1 High

CVSS3

Дефекты

CWE-284

NVD-CWE-Other

Связанные уязвимости

GHSA-f4qr-m466-5qpf

CVSS3: 8.1

github

около 3 лет назад

A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.

EPSS

Процентиль: 43%

0.00207

Низкий

8.1 High

CVSS3

Дефекты

CWE-284

NVD-CWE-Other