Vulnerability Description
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation
Related Weaknesses (CWE)
References
- https://empower.m-files.com/security-advisories/CVE-2024-9333
- https://product.m-files.com/security-advisories/cve-2024-9333/
FAQ
What is CVE-2024-9333?
CVE-2024-9333 is a documented vulnerability. Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation
How severe is CVE-2024-9333?
CVSS scoring is not yet available for CVE-2024-9333. Check NVD for updates.
Is there a patch for CVE-2024-9333?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.