← voltar
CVE-2022-26314

CVE-2022-26314

EPSS 1.4%CWE-307
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1), Mendix Forgot Password Appstore module (Mendix 7 compatible) (All versions < V3.2.2). Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to efficiently brute force passwords in specific situations.
Produtos afetados
Siemens · Mendix Forgot Password Appstore moduleSiemens · Mendix Forgot Password Appstore module (Mendix 7 compatible)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cert-portal.siemens.com/productcert/pdf/ssa-134279.pdf