Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.5 views

CVE-2024-34029

Mattermost versions 9.5.x = 9.5.3, 9.7.x = 9.7.1 and 8.1.x = 8.1.12 fail to perform a proper authorization check in the /api/v4/groups//channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user...

4.3CVSS6.8AI score0.00296EPSS
Exploits0References1
NVD
NVD
added 2024/05/26 2:15 p.m.18 views

CVE-2024-34029

Mattermost versions 9.5.x /channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user has no access to the team...

4.3CVSS4.5AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/26 1:27 p.m.21 views

CVE-2024-34029 AD/LDAP Group Members Leak

Mattermost versions 9.5.x /channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user has no access to the team...

4.3CVSS6.8AI score0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/26 1:27 p.m.27 views

CVE-2024-34029 AD/LDAP Group Members Leak

Mattermost versions 9.5.x /channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user has no access to the team...

4.3CVSS4.5AI score0.00296EPSS
Exploits0References1
CVE
CVE
added 2024/05/26 1:27 p.m.101 views

CVE-2024-34029

Mattermost suffers an authorization bypass in /api/v4/groups//channels//link, allowing a user to learn members of an AD/LDAP group linked to a team without having access to that team. Affected are Mattermost Server/Mattermost releases: 9.5.x up to 9.5.3, 9.7.x up to 9.7.1, and 8.1.x up to 8.1.12....

4.3CVSS4.5AI score0.00296EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder