Lucene search
GoogleOSV:GHSA-XGQ9-7GW6-JR5RHistorySep 16, 2024 - 3:32 p.m.
Mattermost Desktop App fails to sufficiently configure Electron Fuses
2024-09-1615:32:46
Google
osv.dev
mattermost
desktop app
electron fuses
misconfiguration
vulnerability
software
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
17.7%
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.
Related
vulnrichment
vulnrichment
CVE-2024-45835 Insufficient Electron Fuses Configuration
2024-09-16 14:27:47
osv
osv
CVE-2024-45835
2024-09-16 15:15:16
BIT-mattermost-2024-45835
2024-09-18 07:19:22
cvelist
cvelist
CVE-2024-45835 Insufficient Electron Fuses Configuration
2024-09-16 14:27:47
github
github
Mattermost Desktop App fails to sufficiently configure Electron Fuses
2024-09-16 15:32:46
nvd
nvd
CVE-2024-45835
2024-09-16 15:15:16
cve
cve
CVE-2024-45835
2024-09-16 15:15:16
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
17.7%
Related for OSV:GHSA-XGQ9-7GW6-JR5R