6.5
CVE-2024-0563
- EPSS 0.71%
- Veröffentlicht 23.02.2024 09:15:22
- Zuletzt bearbeitet 23.02.2026 11:16:16
- Quelle security@m-files.com
- CVE-Watchlists
- Unerledigt
Denial of service condition in M-Files Server
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
M-files ≫ M-files Server SwEdition- Version < 23.2.12340.6
M-files ≫ M-files Server SwEdition- Version > 23.2.12340.6 < 23.8.12892.6
M-files ≫ M-files Server SwEditionlts Version >= 23.2.12340.6 < 23.8.12892.17
M-files ≫ M-files Server SwEdition- Version > 23.8.12892.6 < 24.2.13421.8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.71% | 0.485 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| security@m-files.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
https://product.m-files.com/security-advisories/cve-2024-0563/
https://www.m-files.com/about/trust-center/security-advisories/cve-2024-0563/
https://empower.m-files.com/security-advisories/CVE-2024-0563