CVE-2021-41808 : Security Advisory and Response

Learn about CVE-2021-41808 affecting M-Files Server versions before 21.11.10775.0. Find out the impact, affected systems, and mitigation steps. Upgrade to the latest version for security.

In M-Files Server versions before 21.11.10775.0, enabling logging of Federated authentication to the event log wrote sensitive information to the log. A mitigating factor is that this logging is disabled by default.

Understanding CVE-2021-41808

What is CVE-2021-41808?

CVE-2021-41808 affects M-Files Server versions earlier than 21.11.10775.0, where enabling logging of Federated authentication writes sensitive data to logs.

The Impact of CVE-2021-41808

The vulnerability has a CVSS base score of 2 (Low severity). It requires high privileges, and its effect is that sensitive information is written to logs.

Technical Details of CVE-2021-41808

Vulnerability Description

The issue involves the logging of Federated authentication, exposing critical information in the event log.

Affected Systems and Versions

        Product: M-Files Server
        Versions affected: Online, 2018
        Versions less than: 21.11.10775.0

Exploitation Mechanism

The vulnerability requires high privileges and user interaction to enable logging, resulting in information exposure.

Mitigation and Prevention

Immediate Steps to Take

        Disable logging of Federated authentication if not essential.
        Upgrade to M-Files version 21.11.10775.0 or newer.
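
The two steps above can be turned into a triage pass over a server inventory. The following is an added example, not code from M-Files or from this advisory; the inventory layout, host names and build strings are constructed, and only the fixed version 21.11.10775.0 comes from the text.

```python
"""Triage a constructed M-Files Server inventory for CVE-2021-41808 exposure."""
import csv
import io

FIXED_BUILD = (21, 11, 10775, 0)  # first fixed version named in the advisory

# Constructed sample inventory; hosts, builds and column layout are hypothetical.
SAMPLE_INVENTORY = """host,version,federated_auth_logging
mf-prod-01,21.11.10775.0,enabled
mf-prod-02,21.10.10725.5,enabled
mf-test-01,21.9.10629.8,disabled
mf-dr-01,21.11.10775,enabled
mf-old-01,unknown,enabled
"""


def parse_build(text):
    """Return a 4-part build tuple, or None if the string is not a dotted numeric build."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4:
        return None
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts]  # compare as integers: 21.9 sorts before 21.11
    return tuple(nums + [0] * (4 - len(nums)))  # pad short builds with zeros


def classify(version, logging_state):
    """Map one inventory row to a triage status."""
    build = parse_build(version)
    if build is None:
        return "unknown-version"       # cannot compare; needs a manual check
    if build >= FIXED_BUILD:
        return "patched"
    if logging_state.strip().lower() == "enabled":
        return "exposed"               # affected build with the logging turned on
    return "affected-logging-off"      # affected build, logging left at its default


def triage(inventory_csv):
    """Return {host: status} for every row of the inventory."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["version"], r["federated_auth_logging"]) for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts reported as exposed are the ones where both immediate steps apply; their existing event logs should also be reviewed, since the sensitive entries were written while logging was on.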

Long-Term Security Practices

        Regularly review and audit log configurations.
        Implement the principle of least privilege to limit access to sensitive logs.

Patching and Updates

        Apply software updates promptly to mitigate the vulnerability.
