QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-27394

Back to search

CVE-2021-27394

Published: Apr 16, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions < V8.6.9), Mendix Applications using Mendix 9 (All versions < V9.0.5). Authenticated, non-administrative users could modify their privileges by manipulating the user role under certain circumstances, allowing them to gain administrative privileges.

VendorProductVersions

Siemens

Mendix Applications using Mendix 7

affected
All versions < V7.23.19

Siemens

Mendix Applications using Mendix 8

affected
All versions < V8.17.0

Siemens

Mendix Applications using Mendix 8 (V8.12)

affected
All versions < V8.12.5

Siemens

Mendix Applications using Mendix 8 (V8.6)

affected
All versions < V8.6.9

Siemens

Mendix Applications using Mendix 9

affected
All versions < V9.0.5

Weaknesses (CWE)

CWE-269

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now