CNNVD-202508-1658 Information

CNNVD ID

CNNVD-202508-1658

Related CVE

CVE-2025-40758

• CNNVD Published: 2025-08-14

Description (Chinese)

Siemens Mendix SAML是德国西门子（Siemens）公司的一个单点登录模块。 Siemens Mendix SAML存在数据伪造问题漏洞，该漏洞源于签名验证和绑定检查不足，可能导致账户劫持。

Description (English)

Siemens Mendix SamL is a single-point login module for Siemens, Germany. Siemens Mendix SamL had a loophole in the problem of data forgery, which stemmed from inadequate signature verification and binding checks, which could lead to the hijacking of accounts.

Hazard Level

Medium

Vulnerability Type

数据伪造问题

Affected Vendor

西门子

Published

2025-08-14

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-395458.html https://nvd.nist.gov/vuln/detail/CVE-2025-40758

Patch

https://marketplace.mendix.com/index3.html