CVE-2024-4056

EUVD-2024-32621
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 (excluding 24.2 LTS) allows unauthenticated user to consume computing resources.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
M-Files CorporationCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
m-filesm-files_server
23.11.13168.6 ≤
𝑥
< 24.4.13592
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://empower.m-files.com/security-advisories/CVE-2024-4056
https://product.m-files.com/security-advisories/cve-2024-4056/
https://www.m-files.com/about/trust-center/security-advisories/cve-2024-4056/