Описание
A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 20.3.1 (исключая)
Одно из
cpe:2.3:a:claris:claris_pro:-:*:*:*:*:*:*:*
cpe:2.3:a:claris:filemaker_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00287
Низкий
4.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-250
Связанные уязвимости
CVSS3: 6.5
github
почти 2 года назад
A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests.
EPSS
Процентиль: 52%
0.00287
Низкий
4.9 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-250