CVE-2023-45794

Name of the Vulnerable Software and Affected Versions Mendix Applications using Mendix 7 versions prior to 7.23.37 Mendix Applications using Mendix 8 versions prior to 8.18.27 Mendix Applications using Mendix 9 versions prior to 9.24.10 Mendix Applications using Mendix 10 versions prior to 10.4.0

Description A capture-replay flaw in the Mendix platform could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app. This issue is related to bypassing authentication procedures and could impact the confidentiality, integrity, and availability of protected information.

Recommendations For Mendix 7 versions prior to 7.23.37, update to version 7.23.37 or later. For Mendix 8 versions prior to 8.18.27, update to version 8.18.27 or later. For Mendix 9 versions prior to 9.24.10, update to version 9.24.10 or later. For Mendix 10 versions prior to 10.4.0, update to version 10.4.0 or later.