Lucene search
GoogleOSV:GO-2024-3024HistoryAug 06, 2024 - 10:40 p.m.
Mattermost allows a user on a remote to set their remote username prop to an arbitrary string in github.com/mattermost/mattermost-server
2024-08-0622:40:50
Google
osv.dev
3
mattermost
remote username
security
vulnerability
mattermost-server
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0
Percentile
14.7%
Mattermost allows a user on a remote to set their remote username prop to an arbitrary string in github.com/mattermost/mattermost-server
Related
cvelist
cvelist
CVE-2024-39839 Remote username set to an arbitrary string by remote user
2024-08-01 14:05:07
veracode
veracode
Improper Access Control
2024-08-09 10:05:47
github
github
vulnrichment
vulnrichment
CVE-2024-39839 Remote username set to an arbitrary string by remote user
2024-08-01 14:05:07
osv
osv
CVE-2024-39839
2024-08-01 15:15:12
BIT-mattermost-2024-39839
2024-09-05 19:14:36
nvd
nvd
CVE-2024-39839
2024-08-01 15:15:12
cve
cve
CVE-2024-39839
2024-08-01 15:15:12
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
7.2
Confidence
High
EPSS
0
Percentile
14.7%
Related for OSV:GO-2024-3024