Mattermost Server 9.5.x < 9.5.8 / 9.8.x < 9.8.3 / 9.9.x < 9.9.2 / 9.10.x < 9.10.1 Multiple Vulnerabilities (MMSA-2024-00353/MMSA-2024-00357)

The version of Mattermost Server installed on the remote host is prior to 9.10.1, 9.5.8, 9.8.3, or 9.9.2. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2024-00353 and MMSA-2024-00357 advisories. - Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0...

CVE-2024-42497

creationtimestamp| type| source ---|---|--- 2024-08-22 19:23:08+00:00| seen| https://t.me/cvedetector/3930...

CVE-2024-42497 Insufficient permissions checks on teams

Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0, 9.8.x = 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams...

CVE-2024-42497 Insufficient permissions checks on teams

Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0, 9.8.x = 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams...