How severe is CVE-2024-10127?

CVE-2024-10127 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2024-10127

Name: m-files_server
Author: m-files

9.8CRITICAL

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the L

Veröffentlicht: 11/20/2024Aktualisiert: 10/29/2025

Beschreibung

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.

KI-AnalyseKI-gestützt

Betroffene Produkte

m-filesm-files_server

Referenzen

https://product.m-files.com/security-advisories/CVE-2024-10127
Vendor Advisory