Lucene search
HistoryDec 13, 2022 - 4:15 p.m.
CVE-2022-45936
mendix
email connector
vulnerability
unauthorized access
sensitive information
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
0.001
Percentile
45.8%
A vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information.
Affected configurations
Node
siemensmendix_email_connectorRange<2.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | mendix_email_connector | * | cpe:2.3:a:siemens:mendix_email_connector:*:*:*:*:*:*:*:* |
Related
prion
prion
Information disclosure
2022-12-13 16:15:00
cnvd
cnvd
Siemens Mendix Email Connector Module Improper Access Control Vulnerability
2022-12-14 00:00:00
ics
ics
Siemens Mendix Email Connector
2022-12-15 12:00:00
cve
cve
CVE-2022-45936
2022-12-13 16:15:24
cvelist
cvelist
CVE-2022-45936
2022-12-13 00:00:00
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
0.001
Percentile
45.8%
Related for NVD:CVE-2022-45936