cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-33500,https://securityvulnerability.io/vulnerability/CVE-2024-33500,Mendix Applications Vulnerability: Elevated Access Rights for Role Managers,"A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Mendix 9 (All versions >= V9.3.0 < V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights.",Siemens,"Mendix Applications Using Mendix 10,Mendix Applications Using Mendix 10 (v10.6),Mendix Applications Using Mendix 9",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-06-11T11:15:43.422Z,0
CVE-2023-45794,https://securityvulnerability.io/vulnerability/CVE-2023-45794,Capture-Replay Vulnerability in Mendix Applications by Mendix,"A capture-replay flaw exists in Mendix Applications which impacts various versions across multiple Mendix platforms. This vulnerability could be exploited by authenticated attackers to gain unauthorized access or modify objects within the application. The risk is contingent upon specific preconditions based on the application's model and access control design, potentially enabling privilege escalation in the context of vulnerable apps. Organizations using Mendix should assess the security of their applications and implement necessary controls to mitigate this risk.",Siemens,"Mendix Applications using Mendix 10,Mendix Applications using Mendix 7,Mendix Applications using Mendix 8,Mendix Applications using Mendix 9",8.1,HIGH,0.0005499999970197678,false,,false,false,false,,false,false,2023-11-14T11:15:00.000Z,0