CVE-2021-33718
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9 (All versions < V9.3.0). Write access checks of attributes of an object could be bypassed, if user has a write permissions to the first attribute of this object.
Se ha identificado una vulnerabilidad en las aplicaciones de Mendix que usan Mendix 7 (todas las versiones anteriores a V7.23.22), las aplicaciones de Mendix que usan Mendix 8 (todas las versiones anteriores a V8.18.7) y las aplicaciones de Mendix que usan Mendix 9 (todas las versiones anteriores a V9.3.0). Las comprobaciones de acceso a la escritura de los atributos de un objeto podrĂan ser omitidas, si el usuario presenta permisos de escritura en el primer atributo de este objeto
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-28 CVE Reserved
- 2021-07-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-352521.pdf | 2021-07-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Mendix Search vendor "Siemens" for product "Mendix" | >= 7.0 < 7.23.22 Search vendor "Siemens" for product "Mendix" and version " >= 7.0 < 7.23.22" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Mendix Search vendor "Siemens" for product "Mendix" | >= 8.0 < 8.18.7 Search vendor "Siemens" for product "Mendix" and version " >= 8.0 < 8.18.7" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Mendix Search vendor "Siemens" for product "Mendix" | >= 9.0 < 9.3.0 Search vendor "Siemens" for product "Mendix" and version " >= 9.0 < 9.3.0" | - |
Affected
|