Page 2 of 22 results (0.017 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords. La falta de protección contra ataques de fuerza bruta en M-Files Server antes de 23.12.13205.0 permite a un atacante realizar intentos de autenticación ilimitados, lo que podría comprometer cuentas de usuarios de M-Files específicas al adivinar contraseñas. • https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6912 https://product.m-files.com/security-advisories/cve-2023-6912 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods. Las comprobaciones de permisos de acceso faltantes en el servidor M-Files anteriores a 23.11.13156.0 permiten a los atacantes realizar trabajos de escritura y exportación de datos utilizando los métodos API de M-Files. • https://https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6189 https://product.m-files.com/security-advisories/cve-2023-6189 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A possibility of unwanted server memory consumption was detected through the obsolete functionalities in the Rest API methods of the M-Files server before 23.11.13156.0 which allows attackers to execute DoS attacks. Se detectó una posibilidad de consumo no deseado de memoria del servidor a través de las funcionalidades obsoletas en los métodos Rest API del servidor M-Files anteriores a 23.11.13156.0, lo que permite a los atacantes ejecutar ataques DoS. • https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6117 https://product.m-files.com/security-advisories/cve-2023-6117 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service • https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3405 https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3405-denial-of-service-in-m-files-server https://product.m-files.com/security-advisories/cve-2023-3405 • CWE-248: Uncaught Exception •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0. • https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2112 https://product.m-files.com/security-advisories/cve-2023-2112 • CWE-284: Improper Access Control •