CVE-2023-6189

Medium

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using…

M-Files Corporation·CWE-280·Published 2023-11-22

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

164 chars

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods.

NVDen

164 chars

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods.

NVDes

218 chars

Las comprobaciones de permisos de acceso faltantes en el servidor M-Files anteriores a 23.11.13156.0 permiten a los atacantes realizar trabajos de escritura y exportación de datos utilizando los métodos API de M-Files.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N