February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Oracle MySQL Vulnerabilities
April 22, 2021Rewterz Threat Advisory – Junos OS Remote Code Execution Vulnerability
April 22, 2021Rewterz Threat Advisory – Multiple Oracle MySQL Vulnerabilities
April 22, 2021Rewterz Threat Advisory – Junos OS Remote Code Execution Vulnerability
April 22, 2021
Severity
Medium
Analysis Summary
CVE-2021-27394
Authenticated, non-administrative users could modify their privileges by manipulating the user role under certain circumstances, allowing them to gain administrative privileges.Successful exploitation of this vulnerability could allow a non-administrative user to gain administrative privileges.
Impact
- Privilege access
- Improper Privilege Management
Affected Vendors
Siemens
Affected Products
- Mendix Applications using Mendix 7 All versions prior to v7.23.19
- Mendix Applications using Mendix 8 All versions prior to v8.17.0
- Mendix Applications using Mendix 8 (v8.12) All versions prior to v8.12.5
- Mendix Applications using Mendix 8 (v8.6) All versions prior to v8.6.9
- Mendix Applications using Mendix 9 All versions prior to v9.0.5
Remediation
Refer to ICS advisory for the complete list of affected products and their respective patches.