CVE-2023-6910

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 20, 2023

Updated: Dec 28, 2023

CWE ID 770

Summary

CVE-2023-6910 is a vulnerability affecting M-Files Server versions prior to 23.12.13195.0. This issue involves a flawed API method that allows authenticated attackers to trigger uncontrolled resource consumption, leading to server storage exhaustion. Once the server storage space is depleted, the server becomes unable to process requests, rendering it unavailable to users. This vulnerability could result in significant downtime and disruption to business operations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

M-Files

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t134Fg
https://www.cve.org/CVERecord?id=CVE-2023-6910
https://nvd.nist.gov/vuln/detail/CVE-2023-6910

Back to Vulnerability Database

CVE-2023-6910

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations