I became aware of this security vulnerability: Siemens Mendix Runtime | CISA

The Risk evaluation reads: "Successful exploitation of this vulnerability could allow unauthenticated remote attackers to circumvent default account lockout measures."

This is kind of a vague statement. When they say "account lockout measures", are they referring to allowing users who are inactive or blocked to be able to log in?
asked
Brian Lorraine
1 answers
0
As I have read it, it means that unauthorized users could see or manipulate data in your application under very specific conditions. And from the score, it seems it was not trivial to do so. But it does mean you should upgrade as soon as possible.