CVE-2025-58075 in Mattermost
Summary
by MITRE • 10/16/2025
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token, which allows any attacker to join any team on a Mattermost server regardless of restrictions via manipulating the RelayState.
Analysis
by VulDB Data Team • 10/28/2025
CVE-2025-58075 represents a critical authorization bypass vulnerability in Mattermost server implementations affecting multiple version streams including 10.11.1, 10.10.2, and 10.5.10. This vulnerability stems from insufficient validation of user permissions during the team invitation process, specifically when utilizing the original invite token mechanism. The flaw occurs within the authentication flow where the system fails to properly verify that a user possesses the necessary privileges to join a particular team, allowing unauthorized access through manipulation of the RelayState parameter. This represents a direct violation of access control principles and can be categorized under CWE-285, which addresses improper authorization within authentication mechanisms.
The technical exploitation of this vulnerability enables attackers to manipulate the RelayState parameter in the authentication flow to gain membership in any team regardless of existing restrictions or permissions. The vulnerability operates at the application layer and leverages the inherent trust placed in the original invite token system, which should normally validate both the token's authenticity and the user's eligibility to join the specified team. Attackers can exploit this weakness by crafting malicious requests that bypass the normal permission checking procedures, effectively allowing them to join restricted teams, channels, or organizations within the Mattermost environment.
The operational impact of this vulnerability is severe and multifaceted, potentially allowing unauthorized users to gain access to sensitive team communications, confidential data, and restricted collaboration spaces. This breach of authorization can lead to information disclosure, data exfiltration, and potential lateral movement within the organization's communication infrastructure. The vulnerability affects the core integrity of Mattermost's access control model, undermining the security posture of organizations that rely on team-based access restrictions for their collaboration platforms. From an ATT&CK framework perspective, this vulnerability maps to privilege escalation and initial access techniques, specifically targeting the T1078 credential access sub-technique.
Organizations affected by CVE-2025-58075 should immediately implement mitigations including updating to patched versions of Mattermost, implementing additional access controls, and monitoring for unauthorized team membership attempts. The vulnerability highlights the importance of proper input validation and authorization checking in web applications, particularly those handling user invitations and team membership. Security teams should also consider implementing network-level controls to monitor for suspicious RelayState parameter manipulation and establish incident response procedures to address potential unauthorized access. The fix typically involves strengthening the verification process for invite tokens and ensuring that all team membership requests undergo proper authorization checks before granting access to restricted resources.
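As an added illustration of the fix described above (this is not Mattermost's code, and the RelayState shape, types, store and token values are all constructed for the example), the Go snippet below contrasts a join handler that trusts the team id carried back in the RelayState with one that resolves the team from the server-side invite record, rejects expired or mismatched tokens, and re-applies the team's domain restriction before granting membership. Every rejection wraps a single `ErrUnauthorized` sentinel so callers can log and count refused join attempts for monitoring.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
	"time"
)

// Constructed, simplified model of the objects involved (assumption for
// illustration; not Mattermost's real types).
type Team struct {
	ID             string
	AllowedDomains []string // empty means no domain restriction
}

type Invite struct {
	Token   string
	TeamID  string
	Expires time.Time
}

type User struct {
	ID    string
	Email string
}

// Store stands in for the server-side database (constructed, in-memory).
type Store struct {
	Teams   map[string]Team
	Invites map[string]Invite
}

// ErrUnauthorized is returned for every refused join so the reason can be
// logged and counted without the caller parsing message text.
var ErrUnauthorized = errors.New("user is not permitted to join this team")

// RelayState models what comes back from the IdP after SSO. Both fields are
// client-controlled (hypothetical shape); only the opaque invite token is
// used to look anything up, and everything else is resolved server-side.
type RelayState struct {
	InviteToken string
	TeamID      string
}

// vulnerableJoin mirrors the class of bug described: it acts on the team id
// carried in the RelayState and never re-validates the invite token or the
// team's restrictions.
func vulnerableJoin(s *Store, u User, rs RelayState, now time.Time) (string, error) {
	t, ok := s.Teams[rs.TeamID]
	if !ok {
		return "", errors.New("no such team")
	}
	return t.ID, nil
}

// hardenedJoin derives the team from the stored invite, confirms the token is
// live, cross-checks any team id the client supplied, and applies the team's
// membership restriction before granting access.
func hardenedJoin(s *Store, u User, rs RelayState, now time.Time) (string, error) {
	inv, ok := s.Invites[rs.InviteToken]
	if !ok {
		return "", fmt.Errorf("%w: unknown invite token", ErrUnauthorized)
	}
	if !now.Before(inv.Expires) {
		return "", fmt.Errorf("%w: invite token expired", ErrUnauthorized)
	}
	if rs.TeamID != "" && rs.TeamID != inv.TeamID {
		// The token does not belong to the team named in the RelayState.
		return "", fmt.Errorf("%w: relay state team mismatch", ErrUnauthorized)
	}
	t, ok := s.Teams[inv.TeamID]
	if !ok {
		return "", fmt.Errorf("%w: invite references a missing team", ErrUnauthorized)
	}
	if !emailDomainAllowed(u.Email, t.AllowedDomains) {
		return "", fmt.Errorf("%w: email domain not allowed", ErrUnauthorized)
	}
	return t.ID, nil
}

// emailDomainAllowed enforces a team's allowed-domain list (case-insensitive).
func emailDomainAllowed(email string, allowed []string) bool {
	if len(allowed) == 0 {
		return true
	}
	at := strings.LastIndex(email, "@")
	if at < 0 {
		return false
	}
	domain := email[at+1:]
	for _, d := range allowed {
		if strings.EqualFold(d, domain) {
			return true
		}
	}
	return false
}

// sampleStore builds constructed data: one open team, one domain-restricted
// team, and three invite tokens (two live, one expired).
func sampleStore(now time.Time) *Store {
	return &Store{
		Teams: map[string]Team{
			"team-public":  {ID: "team-public"},
			"team-finance": {ID: "team-finance", AllowedDomains: []string{"corp.example"}},
		},
		Invites: map[string]Invite{
			"tok-public-ok":  {Token: "tok-public-ok", TeamID: "team-public", Expires: now.Add(time.Hour)},
			"tok-finance-ok": {Token: "tok-finance-ok", TeamID: "team-finance", Expires: now.Add(time.Hour)},
			"tok-stale":      {Token: "tok-stale", TeamID: "team-public", Expires: now.Add(-time.Hour)},
		},
	}
}

func main() {
	now := time.Date(2025, 10, 28, 12, 0, 0, 0, time.UTC)
	s := sampleStore(now)
	outsider := User{ID: "u1", Email: "eve@mail.example"}
	// A public invite token with the team id swapped to the restricted team.
	tampered := RelayState{InviteToken: "tok-public-ok", TeamID: "team-finance"}
	id, err := vulnerableJoin(s, outsider, tampered, now)
	fmt.Println("vulnerable:", id, err)
	id, err = hardenedJoin(s, outsider, tampered, now)
	fmt.Println("hardened:  ", id, err)
}
```

The design point is that the invite token is the only client-supplied value that participates in the decision, and it is used purely as a lookup key: team, expiry and restrictions all come from the server's own record, so nothing the client edits in the RelayState can widen what the token grants.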