PT-2024-15660 · M Files · M-Files Server
Published
2024-02-23
·
Updated
2026-02-23
·
CVE-2024-0563
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
M-Files Server versions prior to 24.2 (excluding 23.2 SR7 and 23.8 SR5)
Description
The issue allows an anonymous user to cause a denial of service against other anonymous users.
Recommendations
For versions prior to 24.2, update to version 24.2 or later to resolve the issue.
For versions 23.2 SR7 and 23.8 SR5, no action is required as these versions are not affected.
As a temporary workaround, consider restricting access to anonymous users until a patch is available.
Fix
DoS
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
M-Files Server