CVE-2024-56841

Name of the Vulnerable Software and Affected Versions Mendix LDAP versions prior to V1.1.2

Description The issue is related to the Mendix LDAP module, which is vulnerable to LDAP injection due to the failure to neutralize special elements in the LDAP request. This could allow an unauthenticated remote attacker to bypass username verification. The vulnerability may be exploited by a remote attacker to bypass security restrictions.

Recommendations For versions prior to V1.1.2, update to version V1.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LDAP module to minimize the risk of exploitation. Avoid using the vulnerable module until the issue is resolved.