3 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications • https://https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480 https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480 https://product.m-files.com/security-advisories/cve-2023-2480 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking. • https://www.m-files.com/about/trust-center/security-advisories/cve-2023-0213 https://product.m-files.com/security-advisories/cve-2023-0213 • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration. La asignación de privilegios incorrecta en M-Files Web (Classic) en M-Files anterior a 22.8.11691.0 permite a usuarios con privilegios bajos cambiar alguna configuración. • https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4264 https://product.m-files.com/security-advisories/cve-2022-4264 • CWE-269: Improper Privilege Management •