Unauthenticated Data Write and Export Vulnerability in M-Files Server

Unauthenticated Data Write and Export Vulnerability in M-Files Server

CVE-2023-6189 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods.

Learn more about our Cis Benchmark Audit For Server Software.