Lucene search
K

5 matches found

Chainguard
Chainguard
added 2025/05/01 7:14 a.m.50 views

CVE-2025-2475 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

5.4CVSS7.2AI score0.00204EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/24 3:27 a.m.4 views

SUSE CVE-2025-2475

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

5.4CVSS6.9AI score0.00204EPSS
Exploits0References3
NVD
NVD
added 2025/04/14 3:15 p.m.64 views

CVE-2025-2475

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

5.4CVSS0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/14 2:49 p.m.63 views

CVE-2025-2475 Unauthorized Bot Login Using Credentials

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

5.4CVSS0.00204EPSS
Exploits0References1
CVE
CVE
added 2025/04/14 2:49 p.m.240 views

CVE-2025-2475

Mattermost CVE-2025-2475 affects servers 9.11.x up to 9.11.9, 10.4.x up to 10.4.3, and 10.5.x up to 10.5.1. The root cause is a failure to invalidate the cache when a user account is converted to a bot, enabling an attacker to log in to the bot exactly once using normal credentials. The available...

5.4CVSS5.4AI score0.00204EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder