6.5
CVE-2024-0563
- EPSS 0.12%
- Veröffentlicht 23.02.2024 09:15:22
- Zuletzt bearbeitet 23.02.2026 11:16:16
- Quelle security@m-files.com
- CVE-Watchlists
- Unerledigt
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
M-files ≫ M-files Server SwEdition- Version < 23.2.12340.6
M-files ≫ M-files Server SwEdition- Version > 23.2.12340.6 < 23.8.12892.6
M-files ≫ M-files Server SwEditionlts Version >= 23.2.12340.6 < 23.8.12892.17
M-files ≫ M-files Server SwEdition- Version > 23.8.12892.6 < 24.2.13421.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.315 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| security@m-files.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.