Vulnerability Details CVE-2025-14318
Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.8%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2025-14318
-
cpe:2.3:a:m-files:m-files_server:-
-
cpe:2.3:a:m-files:m-files_server:23.11.13168.6
-
cpe:2.3:a:m-files:m-files_server:23.2.12340.6
-
cpe:2.3:a:m-files:m-files_server:23.8.12892.6
-
cpe:2.3:a:m-files:m-files_server:24.11.14245.5
-
cpe:2.3:a:m-files:m-files_server:24.2.13421.11
-
cpe:2.3:a:m-files:m-files_server:24.2.13421.17
-
cpe:2.3:a:m-files:m-files_server:24.2.13421.8
-
cpe:2.3:a:m-files:m-files_server:24.4.13592
-
cpe:2.3:a:m-files:m-files_server:24.8.13981.0
-
cpe:2.3:a:m-files:m-files_server:24.8.13981.11
-
cpe:2.3:a:m-files:m-files_server:24.8.13981.4
-
cpe:2.3:a:m-files:m-files_server:24.8.13981.8
-
cpe:2.3:a:m-files:m-files_server:24.9.14055.3
-
cpe:2.3:a:m-files:m-files_server:25.11.15392.1
-
cpe:2.3:a:m-files:m-files_server:25.12
-
cpe:2.3:a:m-files:m-files_server:25.3.14549
-
cpe:2.3:a:m-files:m-files_server:25.3.14681.7
-
cpe:2.3:a:m-files:m-files_server:25.6.14925.0