← Back to CVEs
CVE-2021-41808
LOW2.0
Description
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
CVE Details
CVSS v3.1 Score2.0
SeverityLOW
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredHIGH
User InteractionREQUIRED
Published1/18/2022
Last Modified2/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
m-files:m-files_server
Weaknesses (CWE)
CWE-532CWE-532
References
https://empower.m-files.com/security-advisories/CVE-2021-41808(security@m-files.com)
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41808/(security@m-files.com)
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41808/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.