PT-2025-51765 · Clarisa · Filemaker Server

Published

2025-12-16

Updated

2025-12-17

CVE-2025-46296

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions FileMaker Server versions prior to 22.0.4

Description An authorization bypass issue existed in the FileMaker Server Admin Console. This allowed administrator roles with limited privileges to access administrative functions, including viewing license details and downloading application logs.

Recommendations Update to FileMaker Server version 22.0.4.

Fix

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285

Related Identifiers

CVE-2025-46296

Affected Products

Filemaker Server

PT-2025-51765 · Clarisa · Filemaker Server

CVE-2025-46296

Weakness Enumeration

Related Identifiers

Affected Products

References · 5