Back

CVE-2023-42955

May 14, 2024, 4:13 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

FileMaker Server

  • 20.3.1

Source

product-security@apple.com

Tags

2024-05-14
CVE-2023-42955
product-security@apple.com

CVE-2023-42955 details

Published : May 14, 2024, 1:46 p.m.
Last Modified : May 14, 2024, 4:13 p.m.

Description

Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the Node.js socket.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://support.claris.com/s/article/Administrator-role-passwords-being-exposed-when-logged-into-the-Admin-Console?language=en_US product-security@apple.com
This website uses the NVD API, but is not approved or certified by it.