Описание
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
Уязвимые конфигурации
Конфигурация 1Версия до 23.12.13205.0 (исключая)
cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00101
Низкий
7.5 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-307
CWE-307
Связанные уязвимости
CVSS3: 7.5
github
около 2 лет назад
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
EPSS
Процентиль: 29%
0.00101
Низкий
7.5 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-307
CWE-307