PT-2023-32153 · M Files · M-Files Web Companion
Anton Keskisaari
·
Published
2023-10-19
·
Updated
2024-08-28
·
CVE-2023-5523
CVSS v3.1
8.6
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
M-Files Web Companion versions prior to 23.10
M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1
Description
The issue is related to the execution of downloaded content, which allows for Remote Code Execution. This flaw is present in M-Files Web Companion.
Recommendations
For M-Files Web Companion versions prior to 23.10, update to version 23.10 or later to resolve the issue.
For M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1, update to 23.8 LTS SR1 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
M-Files Web Companion