Lucene search

M-Files CorporationCVELIST:CVE-2024-0563

HistoryFeb 23, 2024 - 8:52 a.m.

CVE-2024-0563 Denial of service condition in M-Files Server

2024-02-2308:52:38

CWE-400

M-Files Corporation

www.cve.org

cve-2024-0563

denial of service

m-files server

security vulnerability

anonymous users

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "M-Files Server",
    "vendor": "M-Files Corporation",
    "versions": [
      {
        "lessThan": "24.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "23.2 SR7"
      },
      {
        "status": "unaffected",
        "version": "23.8 SR5"
      }
    ]
  }
]

References

www.m-files.com/about/trust-center/security-advisories/cve-2024-0563/

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-0563