CVE-2014-8347

An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges.
References
Link Resource
http://packetstormsecurity.com/files/128853/Filemaker-Login-Bypass-Privilege-Escalation.html Exploit Third Party Advisory VDB Entry
http://www.exploit-db.com/exploits/35077 Exploit Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/97780 Third Party Advisory VDB Entry
https://lists.openwall.net/bugtraq/2014/10/27/4 Exploit Third Party Advisory
https://www.securityfocus.com/archive/1/533814 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:claris:filemaker_pro:13.03:*:*:*:*:*:*:*
cpe:2.3:a:claris:filemaker_pro_advanced:12.0.4.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-02-11 14:15

Updated : 2024-02-28 17:28


NVD link : CVE-2014-8347

Mitre link : CVE-2014-8347

CVE.ORG link : CVE-2014-8347


JSON object : View

Products Affected

claris

  • filemaker_pro_advanced
  • filemaker_pro
CWE
CWE-287

Improper Authentication