SSA-395458 — Vulnetix

SSA-395458 PUBLISHED CVSS 8.699999809265137 HIGH

Mendix SAML module contains a vulnerability that could allow unauthenticated remote attackers to hijack an account in specific SSO configurations. Mendix has provided fix releases for the Mendix SAML module and recommends to update to the latest version.

Risk Scores

CVSS 3.1

8.699999809265137

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Affected Products

Vendor	Product	Versions
	Mendix SAML (Mendix 9.24 compatible)
	Mendix SAML (Mendix 10.12 compatible)
	Mendix SAML (Mendix 10.21 compatible)

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-395458.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json (circl)
https://marketplace.mendix.com/link/component/1174 (circl)

Timeline

Aug 14, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-395458.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-395458.json advisory
https://marketplace.mendix.com/link/component/1174 fix

Open in Interactive Console →