Описание
Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.
Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.
EPSS
9.2 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
Связанные уязвимости
Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.
Уязвимость платформы для автоматизации документооборота M-Files Server операционных систем Windows, связанная с недостатками процедуры аутентификации, позволяющая нарушителю обойти процесс аутентификации и повысить свои привилегии
EPSS
9.2 Critical
CVSS4
9.8 Critical
CVSS3