Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2025/10/24 12:0 a.m.4 views

PT-2025-43691

Name of the Vulnerable Software and Affected Versions Rancher Manager versions prior to 2.12.3 Description A security issue exists in Rancher Manager that allows exposure of sensitive information, including secret data, cluster import URLs, and registration tokens, to anyone with access to Ranche...

4.3CVSS6.2AI score0.00271EPSS
Exploits0References11
Veracode
Veracode
added 2024/07/04 9:32 a.m.11 views

Improper Authentication

Mattermost is vulnerable to Improper Authentication. The vulnerability is caused by the use of constant-time comparison for remote cluster tokens, possibly allowing an attacker to retrieve the token during comparison due to the timing discrepancy...

8.1CVSS7AI score0.00379EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/07/03 9:15 a.m.20 views

CVE-2024-39830

Mattermost versions 9.8.x = 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2 and 9.5.x = 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token...

8.1CVSS0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/03 8:32 a.m.26 views

CVE-2024-39830 Timing attack during remote cluster token comparison when shared channels are enabled

Mattermost versions 9.8.x = 9.8.0, 9.7.x = 9.7.4, 9.6.x = 9.6.2 and 9.5.x = 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token...

8.1CVSS0.00379EPSS
Exploits0References1
Rows per page
Query Builder