About
Search
Welcome to M-Files Empower – our new support experience. We'd love to hear what you think!Give feedback
Home/Product information and downloads/Security advisories

CVE-2023-0383 Uncontrolled Resource Consumption in M-Files Server

2023-04-20

Description

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption.

Affected products

M-Files Server before 23.4.12528.1

More information

Due to no limit anonymous users can force MFServer to reserve huge amount of memory during file download. CVSS 3.1 Score: 7.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE: CWE-770 Allocation of Resources Without Limits or Throttling CAPEC: CAPEC-130 Excessive Allocation Internal ID: 166257

Links

History

2023-04-20 Published 2024-08-28 CWE Updated

On this page
Description
Affected products
More information
Links
History
Popular links
What is enterprise content management?Business process managementCollaboration solutionsSolutions by industryKey capabilities
About M-Files
Contact usSchedule a demoCareersTrust CenterPrivacy policySecurity Hall of Fame
Resources
Customer Support PortalPartner HubDeveloper PortalUser guideM-Files CommunityTerms and conditions