CVE-2024-4056

Summary

Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 (excluding 24.2 LTS) allows unauthenticated user to consume computing resources.

Affected Software

VendorProductVersion RangeStatus
M-Files CorporationM-Files Server23.11 < 24.4.13592.4affected
M-Files CorporationM-Files Server24.2 LTSunaffected

Weaknesses

  • CWE-1333: CWE-1333: Inefficient Regular Expression Complexity

Workarounds

No workaround available on affected versions.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References