Skip to main content

M Files

3 CVEs product

Monthly

CVE-2023-2480 HIGH This Week

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Files
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-0213 HIGH This Week

Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft M Files
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-4264 MEDIUM This Month

Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation M Files
NVD
CVSS 3.1
4.3
EPSS
0.5%
EPSS 0% CVSS 7.8
HIGH This Week

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M Files
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft M Files
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation M Files
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy