Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of attempts and therefore makes brute-forcing login accounts easier.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: M-Files Corporation

Published: 2022-01-18T16:51:50.929804Z

Updated: 2024-09-16T21:02:53.545Z

Reserved: 2021-09-29T00:00:00

Link: CVE-2021-41807

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-01-18T17:15:08.837

Modified: 2024-11-21T06:26:47.950

Link: CVE-2021-41807

cve-icon Redhat

No data.