Lucene search
M-Files CorporationCVE-2022-4270HistoryDec 02, 2022 - 1:15 p.m.
CVE-2022-4270
2022-12-0213:15:10
CWE-269
M-Files Corporation
web.nvd.nist.gov
36
cve-2022-4270
m-files web
privilege assignment
nvd
CVSS3
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
4.2
Confidence
High
EPSS
0.001
Percentile
22.8%
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions beforeΒ 22.5.11436.1 could have changed permissions accidentally.
Affected configurations
Node
m-filesm-files_serverRange<22.5.11436.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| m-files | m-files_server | * | cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "M-Files Web",
"vendor": "M-Files",
"versions": [
{
"lessThan": "22.5.11436.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-4270
2022-12-02 13:15:10
cvelist
cvelist
CVE-2022-4270 Incorrect privilege assignment in M-Files Web Server
2022-12-02 12:20:58
prion
prion
Privilege escalation
2022-12-02 13:15:00
vulnrichment
vulnrichment
CVE-2022-4270 Incorrect privilege assignment in M-Files Web Server
2022-12-02 12:20:58
CVSS3
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
4.2
Confidence
High
EPSS
0.001
Percentile
22.8%
Related for CVE-2022-4270