Vulnerability Details CVE-2024-50313
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.7 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions < V10.6.15 only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions), Mendix Runtime V9 (All versions < V9.24.29 only if the basic authentication mechanism is used by the application). The basic authentication implementation of affected applications contains a race condition vulnerability which could allow unauthenticated remote attackers to circumvent default account lockout measures.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.7%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2024-50313
-
cpe:2.3:a:mendix:mendix:*
-
cpe:2.3:a:mendix:mendix:8.0.0
-
cpe:2.3:a:mendix:mendix:8.1.0
-
cpe:2.3:a:mendix:mendix:8.10.0
-
cpe:2.3:a:mendix:mendix:8.11.0
-
cpe:2.3:a:mendix:mendix:8.12.0
-
cpe:2.3:a:mendix:mendix:8.12.1
-
cpe:2.3:a:mendix:mendix:8.12.2
-
cpe:2.3:a:mendix:mendix:8.12.3
-
cpe:2.3:a:mendix:mendix:8.12.4
-
cpe:2.3:a:mendix:mendix:8.12.5
-
cpe:2.3:a:mendix:mendix:8.13.0
-
cpe:2.3:a:mendix:mendix:8.14.0
-
cpe:2.3:a:mendix:mendix:8.15.0
-
cpe:2.3:a:mendix:mendix:8.15.1
-
cpe:2.3:a:mendix:mendix:8.15.2
-
cpe:2.3:a:mendix:mendix:8.16.0
-
cpe:2.3:a:mendix:mendix:8.17.0
-
cpe:2.3:a:mendix:mendix:8.17.1
-
cpe:2.3:a:mendix:mendix:8.18.0
-
cpe:2.3:a:mendix:mendix:8.18.1
-
cpe:2.3:a:mendix:mendix:8.18.10
-
cpe:2.3:a:mendix:mendix:8.18.11
-
cpe:2.3:a:mendix:mendix:8.18.12
-
cpe:2.3:a:mendix:mendix:8.18.13
-
cpe:2.3:a:mendix:mendix:8.18.14
-
cpe:2.3:a:mendix:mendix:8.18.15
-
cpe:2.3:a:mendix:mendix:8.18.16
-
cpe:2.3:a:mendix:mendix:8.18.17
-
cpe:2.3:a:mendix:mendix:8.18.2
-
cpe:2.3:a:mendix:mendix:8.18.3
-
cpe:2.3:a:mendix:mendix:8.18.4
-
cpe:2.3:a:mendix:mendix:8.18.5
-
cpe:2.3:a:mendix:mendix:8.18.6
-
cpe:2.3:a:mendix:mendix:8.18.7
-
cpe:2.3:a:mendix:mendix:8.18.8
-
cpe:2.3:a:mendix:mendix:8.18.9
-
cpe:2.3:a:mendix:mendix:8.2.0
-
cpe:2.3:a:mendix:mendix:8.3.0
-
cpe:2.3:a:mendix:mendix:8.4.0
-
cpe:2.3:a:mendix:mendix:8.5.0
-
cpe:2.3:a:mendix:mendix:8.6.0
-
cpe:2.3:a:mendix:mendix:8.6.1
-
cpe:2.3:a:mendix:mendix:8.6.2
-
cpe:2.3:a:mendix:mendix:8.6.3
-
cpe:2.3:a:mendix:mendix:8.6.4
-
cpe:2.3:a:mendix:mendix:8.6.5
-
cpe:2.3:a:mendix:mendix:8.6.6
-
cpe:2.3:a:mendix:mendix:8.6.7
-
cpe:2.3:a:mendix:mendix:8.6.8
-
cpe:2.3:a:mendix:mendix:8.6.9
-
cpe:2.3:a:mendix:mendix:8.7.0
-
cpe:2.3:a:mendix:mendix:8.8.0
-
cpe:2.3:a:mendix:mendix:8.9.0
-
cpe:2.3:a:mendix:mendix:9.0.0
-
cpe:2.3:a:mendix:mendix:9.0.5
-
cpe:2.3:a:mendix:mendix:9.1.0
-
cpe:2.3:a:mendix:mendix:9.1.1
-
cpe:2.3:a:mendix:mendix:9.2.0
-
cpe:2.3:a:mendix:mendix:9.3.0
-
cpe:2.3:a:mendix:mendix:9.4.0
-
cpe:2.3:a:mendix:mendix:9.5.0
-
cpe:2.3:a:mendix:mendix:9.5.1
-
cpe:2.3:a:mendix:mendix:9.6.0
-
cpe:2.3:a:mendix:mendix:9.6.1
-
cpe:2.3:a:mendix:mendix:9.6.2
-
cpe:2.3:a:mendix:mendix:9.7.0