CVE-2024-43780 - OpenCVE

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://mattermost.com/security-updates
https://nvd.nist.gov/vuln/detail/CVE-2024-43780
https://www.cve.org/CVERecord?id=CVE-2024-43780

History

Thu, 22 Aug 2024 23:30:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2024-43780 https://www.cve.org/CVERecord?id=CVE-2024-43780
Metrics	threat_severity `None`	threat_severity `Moderate`

Thu, 22 Aug 2024 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 22 Aug 2024 15:30:00 +0000

Type	Values Removed	Values Added
Description		Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
Title		Unauthorized channel file upload
Weaknesses		CWE-284
References		https://mattermost.com/security-updates
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-08-22T15:17:11.947Z

Updated: 2024-08-22T16:06:25.703Z

Reserved: 2024-08-16T17:27:00.321Z

Link: CVE-2024-43780

Vulnrichment

Updated: 2024-08-22T16:06:17.238Z

NVD

Status : Awaiting Analysis

Published: 2024-08-22T16:15:09.897

Modified: 2024-08-23T16:18:28.547

Link: CVE-2024-43780

Redhat

Severity : Moderate

Publid Date: 2024-08-22T16:15:09Z

Links: CVE-2024-43780 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43780", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2024-08-16T17:27:00.321Z", "datePublished": "2024-08-22T15:17:11.947Z", "dateUpdated": "2024-08-22T16:06:25.703Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "9.9.1", "status": "affected", "version": "9.9.0", "versionType": "semver"}, {"lessThanOrEqual": "9.5.7", "status": "affected", "version": "9.5.0", "versionType": "semver"}, {"status": "affected", "version": "9.10.0"}, {"lessThanOrEqual": "9.8.2", "status": "affected", "version": "9.8.0", "versionType": "semver"}, {"status": "unaffected", "version": "9.11.0"}, {"status": "unaffected", "version": "9.9.2"}, {"status": "unaffected", "version": "9.5.8"}, {"status": "unaffected", "version": "9.10.1"}, {"status": "unaffected", "version": "9.8.3"}]}], "credits": [{"lang": "en", "type": "finder", "value": "BhaRat (hackit_bharat)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.</p>"}], "value": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-08-22T15:17:11.947Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost to versions 9.11.0, 9.9.2, 9.5.8, 9.10.1, 9.8.3 or higher.</p>"}], "value": "Update Mattermost to versions 9.11.0, 9.9.2, 9.5.8, 9.10.1, 9.8.3 or higher."}], "source": {"advisory": "MMSA-2024-00357", "defect": ["https://mattermost.atlassian.net/browse/MM-58524"], "discovery": "EXTERNAL"}, "title": "Unauthorized channel file upload", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-22T16:06:12.738586Z", "id": "CVE-2024-43780", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T16:06:25.703Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43780", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-22T16:06:12.738586Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T16:06:17.238Z"}}], "cna": {"title": "Unauthorized channel file upload", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-58524"], "advisory": "MMSA-2024-00357", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "BhaRat (hackit_bharat)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "9.9.0", "versionType": "semver", "lessThanOrEqual": "9.9.1"}, {"status": "affected", "version": "9.5.0", "versionType": "semver", "lessThanOrEqual": "9.5.7"}, {"status": "affected", "version": "9.10.0"}, {"status": "affected", "version": "9.8.0", "versionType": "semver", "lessThanOrEqual": "9.8.2"}, {"status": "unaffected", "version": "9.11.0"}, {"status": "unaffected", "version": "9.9.2"}, {"status": "unaffected", "version": "9.5.8"}, {"status": "unaffected", "version": "9.10.1"}, {"status": "unaffected", "version": "9.8.3"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost to versions 9.11.0, 9.9.2, 9.5.8, 9.10.1, 9.8.3 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost to versions 9.11.0, 9.9.2, 9.5.8, 9.10.1, 9.8.3 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2024-08-22T15:17:11.947Z"}}}, "cveMetadata": {"cveId": "CVE-2024-43780", "state": "PUBLISHED", "dateUpdated": "2024-08-22T16:06:25.703Z", "dateReserved": "2024-08-16T17:27:00.321Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2024-08-22T15:17:11.947Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "mattermost: permission enforcing failure allows a guest user with read access to upload files to a channel", "id": "2307318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307318"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-284", "details": ["Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.", "A flaw was found in the mattermost package where it fails to properly enforce permissions. This issue allows a guest user with read access to upload files to channels."], "name": "CVE-2024-43780", "package_state": [{"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/acm-grafana-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "rhceph/rhceph-5-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:7", "fix_state": "Affected", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 7"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Not affected", "package_name": "openshift-gitops-1/dex-rhel8", "product_name": "Red Hat OpenShift GitOps"}], "public_date": "2024-08-22T16:15:09Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43780\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43780\nhttps://mattermost.com/security-updates"], "threat_severity": "Moderate"}