OTPulse

Siemens Mendix Database Replication Module

Monitor · 4.3 · ICS-CERT ICSA-21-131-05 · May 11, 2021
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A vulnerability in the Mendix Database Replication module allows authenticated users to access sensitive information. Versions of the module prior to 7.0.1 contain an information disclosure flaw that could expose data to any user with valid credentials, regardless of whether they are authorized to see it.

What this means
What could happen
An authenticated user could read sensitive database information that they should not have access to. This could expose operational data, configuration details, or other confidential information stored in the replication system.
Who's at risk
Organizations using Mendix Database Replication for operational data storage and replication should care about this vulnerability. This affects any facility using Mendix-based applications for process monitoring, historian functions, or other operational data management where data confidentiality is important.
How it could be exploited
An attacker with valid credentials to the Mendix Database Replication module could query the database replication system to retrieve information they are not authorized to access. The vulnerability allows information disclosure to authenticated users without requiring any special exploitation steps.
Prerequisites
  • Valid Mendix application credentials
  • Network access to the Mendix Database Replication module
  • Access to the affected module (versions prior to 7.0.1)
Tags: Remotely exploitable · Requires valid credentials · Information disclosure · Low CVSS score but could expose sensitive operational data
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product                        Affected Versions   Fix Status
Mendix Database Replication    < V7.0.1            7.0.1
Remediation & Mitigation
Do now
HARDENING: Review and enforce strong access control policies for Mendix credentials and minimize the number of users with access to the Database Replication module
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Mendix Database Replication to version 7.0.1 or later
Long-term hardening
HARDENING: Implement network access controls to restrict access to the Mendix Database Replication module to authorized users and systems only
HARDENING: Ensure the Mendix application is not directly accessible from the Internet; place it behind a firewall and isolate it from the business network
API: /api/v1/advisories/8421d1fd-45ee-4a4b-8a3c-31b8bd46b40d