R17.0V23

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

isode

NVD

Published: 2023-01-01

Updated: 2023-01-09

Summary

M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867.

Vulnerable Configurations

Part	Description	Count
Application	Isode Isode M Link R16.2V1 Isode M Link R17.0V23	2

References

https://www.isode.com/support/security/advisory/m-link-incorrect-access-control-vulnerability-21-12-2022.html