CNNVD-202512-3823 Information

CNNVD ID

CNNVD-202512-3823

Related CVE

CVE-2025-13008

• CNNVD Published: 2025-12-19

Description (Chinese)

M-Files Server是M-Files公司的一个 M-Files 系统的服务器。 M-Files Server存在安全漏洞，该漏洞源于认证攻击者可通过M-Files Web捕获其他活跃用户的会话令牌。以下版本受到影响：25.12.15491.7之前版本、25.8 LTS SR3版本、25.2 LTS SR3版本和24.8 LTS SR5版本。

Description (English)

M-Files Server is a server for M-Files. There is a security loophole in M-Files Server, which results from the authentication that the assailant can capture other active users through M-Files Web. The following versions were affected: 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

M-Files

Published

2025-12-19

Last Modified

2026-02-24

References

https://product.m-files.com/security-advisories/cve-2025-13008 https://access.redhat.com/security/cve/cve-2025-13008

Patch

https://product.m-files.com/downloads/