Security Advisory

CVE-2025-40571

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-13 09:38:54

Last updated 2026-04-14 08:40:36

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in Mendix OIDC SSO (Mendix 10.12 compatible) (All versions < V4.0.1), Mendix OIDC SSO (Mendix 9 compatible) (All versions < V3.3.1), Mendix OIDC SSO V4.2 (Mendix 10 compatible) (All versions < V4.2.1), Mendix OIDC SSO V4.3 (Mendix 10 compatible) (All versions). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.

← Browse all CVEs View on cve.org ↗