CVE-2024-11176 – Incorrect calculation of effective permissions in M-Files Aino

https://notcve.org/view.php?id=CVE-2024-11176

Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an authenticated user to access object information via incorrect calculation of effective permissions. Una vulnerabilidad de control de acceso inadecuado en M-Files Aino en versiones anteriores a 24.10 permitía a un usuario autenticado acceder a la información del objeto mediante un cálculo incorrecto de permisos efectivos. • https://product.m-files.com/security-advisories/CVE-2024-11176 • CWE-682: Incorrect Calculation CWE-732: Incorrect Permission Assignment for Critical Resource CWE-863: Incorrect Authorization •