Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled.
References
History

Fri, 23 Aug 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Mattermost
Mattermost mattermost
CPEs cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:9.9.0:*:*:*:*:*:*:*
Vendors & Products Mattermost
Mattermost mattermost

Wed, 07 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-08-01T14:05:04.850Z

Updated: 2024-08-07T14:09:31.969Z

Reserved: 2024-07-23T17:55:45.288Z

Link: CVE-2024-39832

cve-icon Vulnrichment

Updated: 2024-08-07T14:09:26.583Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-01T15:15:12.587

Modified: 2024-08-23T14:35:13.670

Link: CVE-2024-39832

cve-icon Redhat

No data.