M-Files Server Improper User Isolation Vulnerability Allowing Denial-of-Service Impact

Vulnerability

A vulnerability in M-Files Server versions prior to 25.3.14549 on Windows allows anonymous users to improperly interact with each other's views. This issue could potentially lead to a denial-of-service condition on the server. Although anonymous access is typically disabled by default, if it is enabled, an anonymous user could create and delete views, affecting other users in the same role.

Impact

Exploitation of this vulnerability could disrupt server operations by allowing anonymous users to create and delete views, potentially leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

5.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

1.3

exploitability

5.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

M-Files Server Improper User Isolation Vulnerability Allowing Denial-of-Service Impact

Vulnerability

Impact

Affected Products

M-Files Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating