{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4195", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2024-04-25T15:39:59.871Z", "datePublished": "2024-04-26T08:26:00.685Z", "dateUpdated": "2024-08-01T20:33:52.915Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"status": "affected", "version": "9.6.0"}, {"lessThanOrEqual": "9.5.2", "status": "affected", "version": "9.5.0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.11", "status": "affected", "version": "8.1.0", "versionType": "semver"}, {"status": "unaffected", "version": "9.7.0"}, {"status": "unaffected", "version": "9.6.1"}, {"status": "unaffected", "version": "9.5.3"}, {"status": "unaffected", "version": "8.1.12"}]}], "credits": [{"lang": "en", "type": "finder", "value": "BhaRat (hackit_bharat)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.</p>"}], "value": "Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-04-26T08:26:00.685Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions 9.7.0, 9.6.1, 9.5.3, 8.1.12 or higher.</p>"}], "value": "Update Mattermost Server to versions 9.7.0, 9.6.1, 9.5.3, 8.1.12 or higher.\n\n"}], "source": {"advisory": "MMSA-2024-00305", "defect": ["https://mattermost.atlassian.net/browse/MM-56535"], "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4195", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-26T18:19:58.356965Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:jenkins:mattermost:*:*:*:*:*:jenkins:*:*"], "vendor": "jenkins", "product": "mattermost", "versions": [{"status": "unaffected", "version": "9.7.0"}, {"status": "unaffected", "version": "9.6.1"}, {"status": "unaffected", "version": "9.5.3"}, {"status": "unaffected", "version": "8.1.12"}, {"status": "affected", "version": "9.6.0"}, {"status": "affected", "version": "9.5.0"}, {"status": "affected", "version": "8.1.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:54:34.811Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:52.915Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:52.915Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4195", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-26T18:19:58.356965Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:jenkins:mattermost:*:*:*:*:*:jenkins:*:*"], "vendor": "jenkins", "product": "mattermost", "versions": [{"status": "unaffected", "version": "9.7.0"}, {"status": "unaffected", "version": "9.6.1"}, {"status": "unaffected", "version": "9.5.3"}, {"status": "unaffected", "version": "8.1.12"}, {"status": "affected", "version": "9.6.0"}, {"status": "affected", "version": "9.5.0"}, {"status": "affected", "version": "8.1.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-26T18:18:26.830Z"}}], "cna": {"source": {"defect": ["https://mattermost.atlassian.net/browse/MM-56535"], "advisory": "MMSA-2024-00305", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "BhaRat (hackit_bharat)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "9.6.0"}, {"status": "affected", "version": "9.5.0", "versionType": "semver", "lessThanOrEqual": "9.5.2"}, {"status": "affected", "version": "8.1.0", "versionType": "semver", "lessThanOrEqual": "8.1.11"}, {"status": "unaffected", "version": "9.7.0"}, {"status": "unaffected", "version": "9.6.1"}, {"status": "unaffected", "version": "9.5.3"}, {"status": "unaffected", "version": "8.1.12"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Server to versions 9.7.0, 9.6.1, 9.5.3, 8.1.12 or higher.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost Server to versions 9.7.0, 9.6.1, 9.5.3, 8.1.12 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-04-26T08:26:00.685Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4195", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:33:52.915Z", "dateReserved": "2024-04-25T15:39:59.871Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2024-04-26T08:26:00.685Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "78A6C1F3-95B8-4231-B5D8-C8BB65EA9BFB", "versionEndExcluding": "8.1.12", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4846F2D-56D5-4D24-BF0D-2075072A6ADF", "versionEndExcluding": "9.5.3", "versionStartIncluding": "9.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.\n\n"}, {"lang": "es", "value": "Las versiones Mattermost 9.6.0, 9.5.x anteriores a 9.5.3 y 8.1.x anteriores a 8.1.12 no logran validar completamente los cambios de roles, lo que permite a un atacante autenticado como administrador de equipo ascender a invitados a administradores de equipo a trav\u00e9s de solicitudes HTTP manipuladas."}], "id": "CVE-2024-4195", "lastModified": "2025-05-12T13:43:36.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-26T09:15:12.897", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "mattermost: fail to fully validate role changes leading to promote guests to team admins", "id": "2277339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277339"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-284", "details": ["Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.", "A flaw was found in Mattermost, where it failed to fully validate role changes. This flaw allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests."], "name": "CVE-2024-4195", "package_state": [{"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Fix deferred", "package_name": "rhacm2/acm-grafana-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-docs-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-scanner-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2024-04-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-4195\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-4195\nhttps://mattermost.com/security-updates"], "threat_severity": "Low"}

{}