About
Search
Welcome to M-Files Empower – our new support experience. We'd love to hear what you think!Give feedback
Home/Product information and downloads/Security advisories

CVE-2021-37254 Information Disclosure Vulnerability

2021-10-27

Description

In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party component license key information on server.

Affected products

M-Files Web version before 20.10.9524.1 M-Files Web version before 20.10.9445.0

More information

M-Files Web revealed 3rd party license key. This vulnerability does not have impact on customer data. We thank Murat Aydemir from Cyberwise (Turkey) for responsible disclosure.

On this page
Description
Affected products
More information
Popular links
What is enterprise content management?Business process managementCollaboration solutionsSolutions by industryKey capabilities
About M-Files
Contact usSchedule a demoCareersTrust CenterPrivacy policySecurity Hall of Fame
Resources
Customer Support PortalPartner HubDeveloper PortalUser guideM-Files CommunityTerms and conditions