PT-2024-13068 · Claris · FileMaker Server

Published: 2024-04-26 · Updated: 2024-12-10 · CVE-2023-42955

CVSS v3.1: 6.1 (Medium)

Vector: AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

FileMaker Server versions prior to 20.3.1

Description

The issue potentially exposed password information to front-end websites when a user was signed in to the Admin Console with an administrator role. It was resolved by no longer sending Admin Role passwords over the Node.js socket.

Recommendations

For versions prior to 20.3.1, update to FileMaker Server 20.3.1 to resolve the issue. As a temporary workaround, consider restricting access to the Admin Console to minimize the risk of exploitation.

Fix

Weakness Enumeration: Insufficiently Protected Credentials

Related Identifiers: CVE-2023-42955

Affected Products: FileMaker Server