How severe is CVE-2023-2480?

CVE-2023-2480 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-2480

Name: m-files
Author: m-files

7.5HIGH

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications

Published: 5/25/2023Updated: 11/21/2024

Description

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications

AI AnalysisPowered by AI

Affected Products

m-filesm-files

References

https://product.m-files.com/security-advisories/cve-2023-2480/
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480/
Vendor Advisory
https://https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480/