4 matches found
PT-2025-43691
Name of the Vulnerable Software and Affected Versions Rancher Manager versions prior to 2.12.3 Description A security issue exists in Rancher Manager that allows exposure of sensitive information, including secret data, cluster import URLs, and registration tokens, to anyone with access to Ranche...
Improper Authentication
Mattermost is vulnerable to Improper Authentication. The vulnerability is caused by the use of constant-time comparison for remote cluster tokens, possibly allowing an attacker to retrieve the token during comparison due to the timing discrepancy...
CVE-2024-39830
Mattermost versions 9.8.x = 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2 and 9.5.x = 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token...
CVE-2024-39830 Timing attack during remote cluster token comparison when shared channels are enabled
Mattermost versions 9.8.x = 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2 and 9.5.x = 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token...