Unrated severityNVD Advisory· Published Jan 18, 2022· Updated Feb 23, 2026
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0, allows brute-forcing of certain type of user accounts.
CVE-2021-41807
Description
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of attempts and therefore makes brute-forcing login accounts easier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<21.12.10873.0+ 1 more
- (no CPE)range: <21.12.10873.0
- (no CPE)range: Classic
<21.12.10873.0+ 1 more
- (no CPE)range: <21.12.10873.0
- (no CPE)range: Online
Patches
Vulnerability mechanics
References
2- empower.m-files.com/security-advisories/CVE-2021-41807mitrevendor-advisory
- www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41807/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.