Описание
A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0), Mendix Workflow Commons V2.1 (All versions < V2.1.4), Mendix Workflow Commons V2.3 (All versions < V2.3.2). Affected versions of the module improperly handle access control for some module entities.
This could allow authenticated remote attackers to read or delete sensitive information.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.0 (исключая)
cpe:2.3:a:siemens:mendix_workflow_commons:*:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00207
Низкий
8.1 High
CVSS3
Дефекты
CWE-284
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.1
github
около 3 лет назад
A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information.
EPSS
Процентиль: 43%
0.00207
Низкий
8.1 High
CVSS3
Дефекты
CWE-284
NVD-CWE-Other