Vulnerabilities > CVE-2023-5523 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in M-Files web Companion 23.8

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
m-files
CWE-829

Summary

Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution

Vulnerable Configurations

Part Description Count
Application
M-Files
3