CVE-2025-40571 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.1.0), Mendix OIDC SSO (Mendix 10.12 compatible) (All versions <…
Low CVSS: 2.1

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.1.0), Mendix OIDC SSO (Mendix 10.12 compatible) (All versions < V4.0.1), Mendix OIDC SSO (Mendix 9 compatible) (All versions < V3.3.0). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.
Vendor
-
Product
-
CWE
CWE-266
Yayın Tarihi
2025-05-13 10:15:26
Güncelleme
2025-11-11 21:15:37
Source Identifier
productcert@siemens.com
KEV Date Added
-

Kategoriler

CWE-266 LOW 2025

Referanslar

https://cert-portal.siemens.com/productcert/html/ssa-726617.html