About
Search
Welcome to M-Files Empower – our new support experience. We'd love to hear what you think!Give feedback
Home/Product information and downloads/Security advisories

CVE-2023-3405 Denial of service in M-Files Server

2023-06-28

Description

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service

Affected products

M-Files Server before 23.6.12695.3 (excluding 23.2 SR2 and newer)

More information

Unchecked parameter value can cause uncaught exception and then crash M-Files Server causing denial of service condition. CVSS 3.1 Score: 7.5 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CWE: CWE-248 Uncaught Exception CAPEC: CAPEC-129 Pointer Manipulation Internal ID: 167238

Links

On this page
Description
Affected products
More information
Links
Popular links
What is enterprise content management?Business process managementCollaboration solutionsSolutions by industryKey capabilities
About M-Files
Contact usSchedule a demoCareersTrust CenterPrivacy policySecurity Hall of Fame
Resources
Customer Support PortalPartner HubDeveloper PortalUser guideM-Files CommunityTerms and conditions