CVE-2024-9333

Published: Oct 2, 2024

Modified: Feb 23, 2026

PUBLISHED

Description

Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation

Vendor	Product	Versions
M-Files Corporation	M-Files Connector for Copilot	affected `0 - < 24.9.3`

Weaknesses (CWE)

CWE-281

References

https://product.m-files.com/security-advisories/cve-2024-9333/

vendor-advisory

https://empower.m-files.com/security-advisories/CVE-2024-9333

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-9333

Description

Affected Products

Weaknesses (CWE)

References