PT-2023-18213 · M Files · Myfiles

Published

2023-02-09

Updated

2023-02-17

CVE-2023-21446

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions MyFiles versions prior to 12.2.09 MyFiles version 13.1.03.501 MyFiles version 14.1.00.422

Description The issue is related to improper input validation, allowing a local attacker to access data of MyFiles. This could potentially lead to unauthorized access to sensitive information.

Recommendations For MyFiles versions prior to 12.2.09, update to version 12.2.09 or later. For MyFiles version 13.1.03.501, update to a version later than 13.1.03.501. For MyFiles version 14.1.00.422, update to a version later than 14.1.00.422.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2023-21446

Affected Products

Myfiles

PT-2023-18213 · M Files · Myfiles

CVE-2023-21446

Weakness Enumeration

Related Identifiers

Affected Products

References · 3