Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/17 4:0 p.m.15 views

CVE-2025-2570

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS6.8AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 4:15 p.m.8 views

CVE-2025-2570

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/05/15 4:15 p.m.6 views

CVE-2025-2570

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS6.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/15 3:27 p.m.10 views

CVE-2025-2570 System Admin Cannot Access Environment settings in System Console While System Manager Can

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS3.8AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/05/15 3:27 p.m.31 views

CVE-2025-2570

Mattermost CVE-2025-2570 affects Mattermost Server versions 10.5.x ≤ 10.5.3 and 9.11.x ≤ 9.11.11. Root cause: the system fails to enforce RestrictSystemAdmin when a user lacks access to ExperimentalSettings, allowing a System Manager to access ExperimentSettings via the System Console. Impact: ex...

2.7CVSS3.6AI score0.00278EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 3:27 p.m.16 views

CVE-2025-2570 System Admin Cannot Access Environment settings in System Console While System Manager Can

Mattermost versions 10.5.x = 10.5.3, 9.11.x = 9.11.11 fail to check RestrictSystemAdmin setting if user doesn't have access to ExperimentalSettings which allows a System Manager to access ExperimentSettings when RestrictSystemAdmin is true via System Console...

2.7CVSS0.00278EPSS
Exploits0References1
Rows per page
Query Builder