Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-11176

Nov. 21, 2024, 3:15 p.m.

Product(s) Impacted

M-Files Aino

  • before 24.10

Description

Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an authenticated user to access object information via incorrect calculation of effective permissions.

Weaknesses

CWE-682
Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

CWE ID: 682

Date

Published: Nov. 20, 2024, 9:15 a.m.

Last Modified: Nov. 21, 2024, 3:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@m-files.com

References

https://product.m-files.com/ security@m-files.com