CVE-2022-4858

Опубликовано: 30 дек. 2022

Источник: nvd

CVSS3: 4.4

CVSS3: 7.5

EPSS Низкий

Описание

Insertion of Sensitive Information into Log Files in M-Files Server before 22.10.11846.0 could allow to obtain sensitive tokens from logs, if specific configurations were set.

Ссылки

https://product.m-files.com/security-advisories/cve-2022-4858/
https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4858/
Broken Link
https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4858/
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:*

Версия до 22.10.11846.0 (исключая)

EPSS

Процентиль: 52%

0.00289

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-532

Связанные уязвимости

GHSA-cmrr-4p45-4xv3

CVSS3: 7.5

github

около 3 лет назад

Insertion of Sensitive Information into Log Files in M-Files Server in M-Files before 22.10.11846.0 could allow to obtain sensitive tokens from logs, if specific configurations were set.

EPSS

Процентиль: 52%

0.00289

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-532