Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
References
Link | Resource |
---|---|
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6912/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: M-Files Corporation
Published: 2023-12-20T09:35:46.232Z
Updated: 2024-01-30T15:49:09.950Z
Reserved: 2023-12-18T08:33:42.158Z
Link: CVE-2023-6912
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-20T10:15:08.703
Modified: 2023-12-28T20:21:13.940
Link: CVE-2023-6912
JSON object: View
Redhat Information
No data.
CWE