Lack of protection against brute force attacks in M-Files...
High severity
Unreviewed
Published
Dec 20, 2023
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Dec 20, 2023
Published to the GitHub Advisory Database
Dec 20, 2023
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
References