CVE-2024-32945 - Vulnerability Details - OpenCVE

Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00436.

Key SSVC decision points have not yet been added.

Vendors	Products
Mattermost	Mattermost Mobile

Configuration 1 [-]

cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-34471	Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.

Fixes

Solution

Update Mattermost Mobile Apps to versions 2.17.0 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-07-15T08:42:19.268Z

Updated: 2024-08-02T02:27:52.391Z

Reserved: 2024-07-11T14:48:59.891Z

Link: CVE-2024-32945

Vulnrichment

Updated: 2024-08-02T02:27:52.391Z

NVD

Status : Modified

Published: 2024-07-15T09:15:02.260

Modified: 2024-11-21T09:16:05.340

Link: CVE-2024-32945

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-32945", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2024-07-11T14:48:59.891Z", "datePublished": "2024-07-15T08:42:19.268Z", "dateUpdated": "2024-08-02T02:27:52.391Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "2.16.0", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "2.17.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Juho Nurminen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state <span style=\"background-color: var(--wht);\">which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.</span></p>"}], "value": "Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state\u00a0which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-909", "description": "CWE-909: Missing Initialization of Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-07-15T08:42:19.268Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Mobile Apps to versions 2.17.0 or higher.</p>"}], "value": "Update Mattermost Mobile Apps to versions 2.17.0 or higher."}], "source": {"advisory": "MMSA-2024-00336", "defect": ["https://mattermost.atlassian.net/browse/MM-57561"], "discovery": "EXTERNAL"}, "title": "LaTeX post content manipulation via renderer state leak across contexts", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "mattermost", "product": "mattermost", "cpes": ["cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.16.0", "versionType": "semver"}, {"version": "2.17.0", "status": "unaffected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-16T15:37:36.760670Z", "id": "CVE-2024-32945", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T15:44:30.104Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:27:52.391Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:27:52.391Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-32945", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-16T15:37:36.760670Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*"], "vendor": "mattermost", "product": "mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.16.0"}, {"status": "unaffected", "version": "2.17.0"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T15:40:50.827Z"}}], "cna": {"title": "LaTeX post content manipulation via renderer state leak across contexts", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-57561"], "advisory": "MMSA-2024-00336", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Juho Nurminen"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.16.0"}, {"status": "unaffected", "version": "2.17.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Mobile Apps to versions 2.17.0 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost Mobile Apps to versions 2.17.0 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state\u00a0which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state <span style=\"background-color: var(--wht);\">which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions.</span></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-909", "description": "CWE-909: Missing Initialization of Resource"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-07-15T08:42:19.268Z"}}}, "cveMetadata": {"cveId": "CVE-2024-32945", "state": "PUBLISHED", "dateUpdated": "2024-08-02T02:27:52.391Z", "dateReserved": "2024-07-11T14:48:59.891Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2024-07-15T08:42:19.268Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FC511A8-A955-4FF9-AC43-A84FFC4C3142", "versionEndExcluding": "2.17.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state\u00a0which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions."}, {"lang": "es", "value": "Las versiones de Mattermost Mobile Apps <= 2.16.0 no protegen contra el abuso de un estado MathJax compartido globalmente que permite a un atacante cambiar el contenido de una publicaci\u00f3n de LateX mediante la creaci\u00f3n de otra publicaci\u00f3n con definiciones de macro espec\u00edficas."}], "id": "CVE-2024-32945", "lastModified": "2024-11-21T09:16:05.340", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-15T09:15:02.260", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-909"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-909"}], "source": "nvd@nist.gov", "type": "Primary"}]}