CVE-2023-6912

Published: Dic 20, 2023 Last Modified: Feb 23, 2026 EU-VD ID: EUVD-2023-59111 Aliases: GSD-2023-6912
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none

Description

AI Translation Available

Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0010
Percentile
0,3th
Updated

EPSS Score Trend (Last 90 Days)

307

Improper Restriction of Excessive Authentication Attempts

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
View CWE Details
Application

M-Files Server by M-Files

Product Information
Vendor M-Files
Product M-Files Server
Version Range Affected
To 23.12.13205.0 (exclusive)
cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.m-files.com/about/trust-center/security-advisor…
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-6912/
https://empower.m-files.com/security-advisories/CVE-2023-69…
https://empower.m-files.com/security-advisories/CVE-2023-6912
https://product.m-files.com/security-advisories/cve-2023-69…
https://product.m-files.com/security-advisories/cve-2023-6912/