CVE-2021-31341
First published: Wed May 12 2021(Updated: )
Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module (All versions prior to v7.0.1).
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mendix Database Replication | <7.0.1 | 7.0.1 |
| Mendix | <7.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-31341.
What is the severity of CVE-2021-31341?
The severity of CVE-2021-31341 is medium with a severity value of 4.3.
Which software versions are affected by CVE-2021-31341?
All versions prior to v7.0.1 of the Mendix Database Replication Module are affected by CVE-2021-31341.
How can CVE-2021-31341 be exploited?
CVE-2021-31341 can be exploited by uploading a table mapping using a manipulated XML file.
Are there any references related to CVE-2021-31341?
Yes, you can find references related to CVE-2021-31341 at the following links: [Siemens CERT Portal](https://cert-portal.siemens.com/productcert/pdf/ssa-919955.pdf) and [US-CERT Advisory](https://us-cert.cisa.gov/ics/advisories/icsa-21-131-05).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/siemens
- canonical/mendix database replication
- vendor/mendix
- canonical/mendix