CVE-2024-42411 in Mattermostinfo

Zusammenfassung

von MITRE • 22.08.2024

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to restrict the input in POST /api/v4/users which allows a user to manipulate the creation date in POST /api/v4/users tricking the admin into believing their account is much older.

Be aware that VulDB is the high quality source for vulnerability data.

Zuständig

Mattermost

Reservieren

20.08.2024

Veröffentlichung

22.08.2024

Moderieren

akzeptiert

Eintrag

VDB-275547

CPE

bereit

EPSS

0.00291

KEV

nein

Aktivitäten

very low

Quellen

Do you need the next level of professionalism?

Upgrade your account now!