Lucene search
GoogleOSV:CVE-2024-39832HistoryAug 01, 2024 - 3:15 p.m.
CVE-2024-39832
2024-08-0115:15:12
Google
osv.dev
2
mattermost security issue
error handling vulnerability
remote data deletion
share channels vulnerability
software vulnerability
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
AI Score
6.6
Confidence
Low
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled.
References
Related
cvelist
cvelist
CVE-2024-39832 Permanently local data deletion by malicious remote
2024-08-01 14:05:04
osv
osv
veracode
veracode
Incorrect Error Handling
2024-08-09 11:26:39
nvd
nvd
CVE-2024-39832
2024-08-01 15:15:12
vulnrichment
vulnrichment
CVE-2024-39832 Permanently local data deletion by malicious remote
2024-08-01 14:05:04
github
github
cve
cve
CVE-2024-39832
2024-08-01 15:15:12
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
AI Score
6.6
Confidence
Low
Related for OSV:CVE-2024-39832