Vulnerabilities > M Files > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-6912 | Improper Restriction of Excessive Authentication Attempts vulnerability in M-Files Server Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords. | 9.8 |
| 2022-01-18 | CVE-2021-41807 | Improper Restriction of Excessive Authentication Attempts vulnerability in M-Files Server and M-Files web Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of attempts and therefore makes brute-forcing login accounts easier. | 9.8 |