CVE-2021-33718 Information

Description

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22) Mendix Applications using Mendix 8 (All versions < V8.18.7) Mendix Applications using Mendix 9 (All versions < V9.3.0). Write access checks of attributes of an object could be bypassed if user has a write permissions to the first attribute of this object.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-352521.pdf

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.3