A Comprehensive Guide to Enhancements and Key Features Dimitris Kokoutsidis, Nov 9, 2024, CyberFM Table of Contents Introduction To top Claris has once again expanded the functionality and reliability of its flagship database server with the release of FileMaker Server 2024 Version 21.1. This latest release is packed with new capabilities aimed at enhancing network
Source: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FileMaker There are 16 CVE Records that match FileMaker in MITRE database. There is another CVE for 2024, CVE-2024-23202, as mentioned in https://cyberfm.eu/fms-privilege-escalation/ and https://fm-security.com/posts/priv_esc/ that is not published yet. Name Description CVE-2024-27794 Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker
Ensuring Cyber Resilience in Manufacturing: Navigating NIS 2 Requirements with FileMaker Solutions Dimitris Kokoutsidis, Oct 16, 2024, CyberFM Understanding the practical implications of the NIS 2 Directive is crucial for manufacturing companies that rely on FileMaker solutions. The following detailed scenarios illustrate potential risks and challenges that such companies may face, along with the obligations
Essential Security Tips for Protecting Your FileMaker Solutions Source: https://www.mbsplugins.de/archive/2024-10-14/Security_tidbits_for_FileMaker/monkeybreadsoftware_blog_filemaker We talked about various things at the FileMaker conference in Rome and security is a concern for everyone. Especially as scripted attacks got frequently. Rename Admin Have you ever put a FileMaker Server on the internet? You may note that people knowing your address try
Uncovering Access and Role Restriction Vulnerabilities in the FileMaker Server Admin Console Source: https://davidhamann.de/2024/10/09/fms-bypassing-restrictions/ With a few security features added to the FileMaker Server Admin Console in the last few versions, I decided to play around with them to see how they are implemented. In this article I want to highlight three of the issues
Dimitris Kokoutsidis, Sept 26, 2024, CyberFM 1. Audit Overview Objective:The goal of an audit is to ensure the reliability, security, and operational effectiveness of the FileMaker solution. The audit process involves identifying potential points of failure or security risks in the system and addressing them proactively. Process: Documentation Tips:Maintain both physical and digital copies of
Dimitris Kokoutsidis, Sept 26, 2024, CyberFM Introduction In the rapidly evolving landscape of artificial intelligence, Large Language Models (LLMs) like GPT-4 have become integral to numerous applications, including chatbots, virtual assistants, content generation, and more. While these models offer remarkable capabilities, they also introduce a new set of security challenges that must be addressed to
Bypass authorization of FileMaker Server or “there is no such category” Source: https://fm-security.com/posts/bypass_auth/ CVE FileMaker Server CVE-2024-27790 Menu Introduction In the summer of 2023, I decided to investigate the internal communication protocol between FileMaker clients and the server. This led to the discovery of perhaps the most significant vulnerability in the platform’s history. I discovered that it
Dirk Schittko, Oct 1, 2024, FileMaker Konferenz 2024 Menu At FMK 2024, Dirk Schittko delivered an insightful talk on the intricacies of setting up and managing FileMaker Server on Linux, particularly on Ubuntu. FileMaker Server, traditionally a Windows or macOS application, has found a new home in Linux, offering increased performance, cost savings, and reliability
Jasper Schoonackers (Lesterius), Doug Wallis, and Sangita Banerjee (Claris) , Claris Community Live 6 Data breaches and cyber threats are becoming increasingly sophisticated, the security of your database systems is more critical than ever. Claris FileMaker 2024 introduces a comprehensive suite of new security features and enhancements designed to help developers, administrators, and organizations protect
Wim Decorte, Doug Wallis, Jun 13, 2024, Claris Community Live 1. Introduction Security in FileMaker development has evolved from a “nice-to-have” feature to an absolute necessity. In the third Claris Community Live event, Rosemary Tietge, along with experts Wim Decorte and Doug Wallis, walked through the most relevant security challenges, solutions, and best practices for
Wim Decorte, Jacob Taylor, Jun 11, 2024, In this blog post, we take a deep dive into the FileMaker 2024 Server (also known as FileMaker 21) Q&A session featuring experts Wim Decorte from Soliant Consulting and Jacob Taylor from RCC. This session provided a comprehensive look at FileMaker Server’s latest features, performance optimizations, and essential
Wim Decorte, Claris Engage 2024 As the complexity of digital ecosystems continues to evolve, ensuring the security of the applications we build has never been more important. With the increasing sophistication of attacks, even a small oversight can lead to catastrophic results such as data breaches, fines, or damage to reputation. This blog post delves
Claus Lavendt, Claris Engage 2024 Menu Introduction Welcome to this comprehensive guide on installing and configuring Claris FileMaker Server, with insights from Claus Lavendt’s presentation. This expanded version aims to provide you with not only the necessary technical steps but also the critical reasoning behind them. By delving into network architecture, backup strategies, and security
Claris Engineering Blog December 29, 2020 Updates: In Windows and macOS, Claris FileMaker Server versions before 19.5.2 support Custom Web Publishing (CWP) with PHP. However, PHP is no longer bundled with FileMaker Server on Windows or macOS. Additionally, CWP with PHP is deprecated starting with FileMaker Server 19.5.2. This engineering blog describes bundling PHP with FileMaker Server,