CVE-2024-36492 - Vulnerability Details - OpenCVE

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00207.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost:9.9.0:::::::*

No data.

No data.

Fixes

Solution

Update Mattermost to versions 9.10.0, 9.9.1, 9.5.7, 9.7.6, 9.8.2 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

Fri, 23 Aug 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mattermost Mattermost mattermost
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:mattermost:mattermost:::::::: cpe:2.3:a:mattermost:mattermost:9.9.0:::::::*
Vendors & Products		Mattermost Mattermost mattermost

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-08-01T14:05:01.393Z

Updated: 2024-08-05T16:57:11.289Z

Reserved: 2024-07-23T17:55:45.350Z

Link: CVE-2024-36492

Vulnrichment

Updated: 2024-08-05T16:57:06.440Z

NVD

Status : Analyzed

Published: 2024-08-01T15:15:11.810

Modified: 2024-08-23T14:51:08.580

Link: CVE-2024-36492

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36492", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2024-07-23T17:55:45.350Z", "datePublished": "2024-08-01T14:05:01.393Z", "dateUpdated": "2024-08-05T16:57:11.289Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"status": "affected", "version": "9.9.0"}, {"lessThanOrEqual": "9.5.6", "status": "affected", "version": "9.5.0", "versionType": "semver"}, {"lessThanOrEqual": "9.7.5", "status": "affected", "version": "9.7.0", "versionType": "semver"}, {"lessThanOrEqual": "9.8.1", "status": "affected", "version": "9.8.0", "versionType": "semver"}, {"status": "unaffected", "version": "9.10.0"}, {"status": "unaffected", "version": "9.9.1"}, {"status": "unaffected", "version": "9.5.7"}, {"status": "unaffected", "version": "9.7.6"}, {"status": "unaffected", "version": "9.8.2"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Juho Fors\u00e9n"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user. </p>"}], "value": "Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-08-01T14:05:01.393Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost to versions 9.10.0, 9.9.1, 9.5.7, 9.7.6, 9.8.2 or higher.</p>"}], "value": "Update Mattermost to versions 9.10.0, 9.9.1, 9.5.7, 9.7.6, 9.8.2 or higher."}], "source": {"advisory": "MMSA-2024-00341", "defect": ["https://mattermost.atlassian.net/browse/MM-58248"], "discovery": "INTERNAL"}, "title": "Existing local user overwritten by malicious remote", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-05T16:56:57.857020Z", "id": "CVE-2024-36492", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T16:57:11.289Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-36492", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-05T16:56:57.857020Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T16:57:06.440Z"}}], "cna": {"title": "Existing local user overwritten by malicious remote", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-58248"], "advisory": "MMSA-2024-00341", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Juho Fors\u00e9n"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "9.9.0"}, {"status": "affected", "version": "9.5.0", "versionType": "semver", "lessThanOrEqual": "9.5.6"}, {"status": "affected", "version": "9.7.0", "versionType": "semver", "lessThanOrEqual": "9.7.5"}, {"status": "affected", "version": "9.8.0", "versionType": "semver", "lessThanOrEqual": "9.8.1"}, {"status": "unaffected", "version": "9.10.0"}, {"status": "unaffected", "version": "9.9.1"}, {"status": "unaffected", "version": "9.5.7"}, {"status": "unaffected", "version": "9.7.6"}, {"status": "unaffected", "version": "9.8.2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost to versions 9.10.0, 9.9.1, 9.5.7, 9.7.6, 9.8.2 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost to versions 9.10.0, 9.9.1, 9.5.7, 9.7.6, 9.8.2 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user. </p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-08-01T14:05:01.393Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36492", "state": "PUBLISHED", "dateUpdated": "2024-08-05T16:57:11.289Z", "dateReserved": "2024-07-23T17:55:45.350Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2024-08-01T14:05:01.393Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "0942D308-9462-4C2A-A9FE-838EB5842E02", "versionEndExcluding": "9.5.7", "versionStartIncluding": "9.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "642355DC-0EF1-4631-89D0-694AB7C9EF78", "versionEndExcluding": "9.7.6", "versionStartIncluding": "9.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "00E80458-F38E-46EB-98FD-1CADD3FCE335", "versionEndExcluding": "9.8.2", "versionStartIncluding": "9.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:9.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DA215755-4D08-4B4D-9736-DAF54D2F0B9C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user."}, {"lang": "es", "value": " Las versiones de Mattermost 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 no permiten la modificaci\u00f3n de usuarios locales al sincronizar usuarios en canales compartidos lo que permite que un control remoto malicioso sobrescriba a un usuario local existente."}], "id": "CVE-2024-36492", "lastModified": "2024-08-23T14:51:08.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 3.7, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}, "published": "2024-08-01T15:15:11.810", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}