About
Search
Welcome to M-Files Empower – our new support experience. We'd love to hear what you think!Give feedback
Home/Product information and downloads/Security advisories

CVE-2024-6789 Path traversal in M-Files API

2024-08-27

Description

A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and before version LTS 24.2.13421.15 allows authenticated user to read files.

Affected products

M-Files Server before 24.8.13981.0 M-Files Server before 24.2 LTS SR2 (24.2.13421.15) M-Files Server before 23.8 LTS SR6 (23.8.12892.0)

Exploitability

Publicly disclosed: No Exploited: No Probability of exploitation: low – internally found

Links

History

2024-08-27 Published 2024-09-16 Updated affected LTS versions

On this page
Description
Affected products
Exploitability
Links
History
Popular links
What is enterprise content management?Business process managementCollaboration solutionsSolutions by industryKey capabilities
About M-Files
Contact usSchedule a demoCareersTrust CenterPrivacy policySecurity Hall of Fame
Resources
Customer Support PortalPartner HubDeveloper PortalUser guideM-Files CommunityTerms and conditions