← volver
CVE-2023-6912

Brute force vulnerability in M-Files user authentication

CVSS 7.5 HIGHEPSS 1.0%CWE-307
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
M-Files Corporation · M-Files Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://empower.m-files.com/security-advisories/CVE-2023-6912https://product.m-files.com/security-advisories/cve-2023-6912/https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6912/