Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource.
References
Link | Resource |
---|---|
https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4861/ | Broken Link |
Configurations
History
06 Jan 2023, 18:58
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4861/ - Broken Link | |
First Time |
M-files
M-files m-files Client |
|
CWE | CWE-287 | |
CPE | cpe:2.3:a:m-files:m-files_client:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
30 Dec 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource. |
30 Dec 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-30 14:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-4861
Mitre link : CVE-2022-4861
CVE.ORG link : CVE-2022-4861
JSON object : View
Products Affected
m-files
- m-files_client