Lucene search

[email protected]NVD:CVE-2023-6912

HistoryDec 20, 2023 - 10:15 a.m.

CVE-2023-6912

2023-12-2010:15:08

CWE-307

[email protected]

web.nvd.nist.gov

brute force

m-files server

authentication

compromise

passwords

cve-2023-6912

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.2%

JSON

Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.

Affected configurations

NVD

Node

m-filesm-files_serverRange<23.12.13205.0

References

www.m-files.com/about/trust-center/security-advisories/cve-2023-6912/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.2%

JSON

Related for NVD:CVE-2023-6912

prion1 cve1 cvelist1