← Voltar para CVEs
CVE-2021-41808
LOW2.0
Descricao
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
Detalhes CVE
Pontuacao CVSS v3.12.0
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosHIGH
Interacao do usuarioREQUIRED
Publicado1/18/2022
Ultima modificacao2/23/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
m-files:m-files_server
Fraquezas (CWE)
CWE-532CWE-532
Referencias
https://empower.m-files.com/security-advisories/CVE-2021-41808(security@m-files.com)
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41808/(security@m-files.com)
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41808/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.