Vulnerabilities > CVE-2024-27790 - Unspecified vulnerability in Claris Filemaker Server

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

claris

NVD

Published: 2024-05-14

Updated: 2024-12-09

Summary

Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests.

Vulnerable Configurations

Part	Description	Count
Application	Claris Claris Filemaker Server - Claris Filemaker Server 19.1.2 Claris Filemaker Server 19.2.1 Claris Filemaker Server 19.3.1 Claris Filemaker Server 19.3.2 Claris Filemaker Server 19.4.1 Claris Filemaker Server 20.1.1 Claris Filemaker Server 20.1.2 Claris Filemaker Server 20.2.1 Claris Filemaker Server 20.3.1	10

References

https://support.claris.com/s/answerview?anum=000041674&language=en_US
https://support.claris.com/s/answerview?anum=000041674&language=en_US