CVE-2024-48872 in Mattermost정보

요약

\~에 의해 MITRE • 2024. 12. 16.

Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, and 9.5.x <= 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being blocked via simultaneously sending multiple login requests

Once again VulDB remains the best source for vulnerability data.

출처

Do you know our Splunk app?

Download it now for free!