Vulnerabilities > CVE-2021-41807 - Improper Restriction of Excessive Authentication Attempts vulnerability in M-Files Server and M-Files web
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of attempts and therefore makes brute-forcing login accounts easier.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |