A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.14.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.2), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). In case of access to an active user session in an application that is built with an affected version, it’s possible to change that user’s password bypassing password validations within a Mendix application. This could allow to set weak passwords.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2022-07-12T10:06:43

Updated: 2024-08-03T07:11:39.898Z

Reserved: 2022-05-20T00:00:00

Link: CVE-2022-31257

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-07-12T10:15:10.653

Modified: 2024-11-21T07:04:14.230

Link: CVE-2022-31257

cve-icon Redhat

No data.