Lucene search

SiemensCVELIST:CVE-2022-45936

HistoryDec 13, 2022 - 12:00 a.m.

CVE-2022-45936

2022-12-1300:00:00

CWE-284

siemens

www.cve.org

mendix

email connector

vulnerability

access control

remote attackers

sensitive information

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

45.8%

JSON

A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "Mendix Email Connector",
    "versions": [
      {
        "version": "All versions < V2.0.0",
        "status": "affected"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-224632.pdf