How severe is CVE-2023-2480?

CVE-2023-2480 has a CVSS v3 score of 7.5 (HIGH).

CVE-2023-2480

Name: m-files
Author: m-files

7.5HIGH

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications

发布于: 5/25/2023更新于: 11/21/2024

描述

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications

AI分析AI驱动

受影响产品

m-filesm-files

参考资料

https://product.m-files.com/security-advisories/cve-2023-2480/
https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480/
Vendor Advisory
https://https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480/