CVE-2024-10127

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration.

More information : https://product.m-files.com/security-advisories/CVE-2024-10127

Attack vector :
Attack complexity :
Privileges required :
User interaction :
Confidentiality impact :
Integrity impact :
Base score :
Base severity :
Exploitability score :
Impact score :