CVE-2023-3406

CVSS v3.1

7.7

High

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions M-Files Classic Web versions below 23.6.12695.3 M-Files Classic Web LTS Service Release Versions before 23.2 LTS SR3

Description The issue allows an authenticated user to read some restricted files on the web server due to a Path Traversal problem.

Recommendations For M-Files Classic Web versions below 23.6.12695.3, update to version 23.6.12695.3 or later. For M-Files Classic Web LTS Service Release Versions before 23.2 LTS SR3, update to 23.2 LTS SR3 or later.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2023-3406

Affected Products

M-Files Classic Web

CVE-2023-3406

Weakness Enumeration

Related Identifiers

Affected Products

References · 7