Access Control List Calculation Bypass in M-Files Connector for Copilot
CVE-2024-9333

Currently unrated

Key Information:

Vendor: M-files Corporation
Status: M-files Connector For Copilot
Vendor: CVE Published:; 2 October 2024

🔔 Create M-files Corporation Vulnerability Alert

What is CVE-2024-9333?

Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation

Affected Version(s)

M-Files Connector for Copilot 0 < 24.9.3

References

https://product.m-files.com/security-advisories/cve-2024-...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2024
Vulnerability Reserved
Sep 30, 2024