Mendix Application Authorization Misconfiguration Leading to Data Leakage

Summary of Mendix Application Data Leakage Vulnerability Vulnerability Overview Core Issue: Widespread configuration errors in Mendix applications expose data sources (entities/tables) to anonymous users or newly registered users, with permissions being overly permissive. Nature: This is an application-layer authorization configuration error, not a software vulnerability within the Mendix platform itself. Causes: Overly permissive entity access rules, incorrect role mappings, missing or overly broad XPath constraints, and excessive permissions for anonymous/default users. Exploitation: No software vulnerabilities are required; attackers can retrieve data by making standard Mendix runtime requests (such as requests). Impact Scope Applicability: Not limited to specific Mendix versions or single products. Affected Instances: Applications hosted on Mendix Cloud (potentially involving thousands of instances). On-premises Mendix deployments. Internet-facing portals built on Mendix. Potential Risks: Exposure of sensitive information (names, contact details, internal records, documents/ID images, etc.), leading to GDPR/AVG compliance risks, fraud, phishing, and reputational damage. Remediation Organizations are advised to immediately review the authorization configurations of Mendix applications and perform the following checks: 1. Review entity access rules for all entities. 2. Review module role mappings and user role assignments. 3. Validate XPath constraints and data visibility rules. 4. Review permissions for Anonymous users. 5. Review permissions for newly registered users/default users. 6. Disable anonymous access if not strictly required. 7. Review exposed REST services and microflows to strengthen authorization enforcement. 8. Consider upgrading to supported Mendix versions (e.g., 10 LTS / 11 MTS). 9. Conduct security reviews or penetration tests focused on authorization and data leakage. Emergency Measures: If sensitive data is accessible, immediately restrict access, review logs for signs of misuse, and assess whether data breach notifications are required.

Goal Reached Thanks to every supporter — we hit 100%!

Mendix Application Authorization Misconfiguration Leading to Data Leakage