CVE-2024-4056

HIGH

M-Files Server <24.4.13592.4, >23.11 - DoS

Title source: llm

Description

Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 (excluding 24.2 LTS) allows unauthenticated user to consume computing resources.

References (3)

Core 3

Core References

Various Sources vendor-advisory

https://empower.m-files.com/security-advisories/CVE-2024-4056

Vendor Advisory

https://www.m-files.com/about/trust-center/security-advisories/cve-2024-4056/

Vendor Advisory vendor-advisory

https://product.m-files.com/security-advisories/cve-2024-4056/

Scores

CVSS v3 7.5

EPSS 0.0077

EPSS Percentile 50.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1333

Status published

Products (1)

m-files/m-files_server 23.11.13168.6 - 24.4.13592

Published Apr 26, 2024

Tracked Since Feb 18, 2026