CVE-2023-6189

Summary

Missing access permissions checks

in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export

jobs using the M-Files API methods.

Affected Software

VendorProductVersion RangeStatus
M-FilesM-Files Server0 < 23.11.13156.0affected

Weaknesses

  • CWE-280: CWE-280 Improper Handling of Insufficient Permissions or Privileges

ADP Enrichment

CVE Program Container

Additional References

References