Siemens Mendix SAML Module Certification Bypass Vulnerability

2022-11-0900:00:00

China National Vulnerability Database

www.cnvd.org.cn

siemens

mendix

saml

module

authentication

bypass

vulnerability

germany

identity provider

exploited

attacker

access

0.002 Low

EPSS

Percentile

58.4%

JSON

Siemens Mendix SAML Module is an application module from Siemens, Germany. It is used to grant access to Mendix applications based on the end-user’s identity in your identity provider. An authentication bypass vulnerability exists in Siemens Mendix SAML Module, which could be exploited by an attacker to bypass authentication and access the application.

CPENameOperatorVersion
siemens mendix saml module (mendix 7 compatible)ge1.17.0
siemens mendix saml module (mendix 8 compatible) >=2.3.0，lt2.3.2
siemens mendix saml module (mendix 9 compatible, new track) >=3.3.1，lt3.3.5
siemens mendix saml module (mendix 9 compatible, upgrade track) >=3.3.0，lt3.3.4

Name	Operator	Version
siemens mendix saml module (mendix 7 compatible)	ge	1.17.0
siemens mendix saml module (mendix 8 compatible) >=2.3.0，	lt	2.3.2
siemens mendix saml module (mendix 9 compatible, new track) >=3.3.1，	lt	3.3.5
siemens mendix saml module (mendix 9 compatible, upgrade track) >=3.3.0，	lt	3.3.4

0.002 Low

EPSS

Percentile

58.4%

JSON

Related for CNVD-2022-75534