5 matches found
CVE-2024-39810
Mattermost versions 9.5.x = 9.5.7 and 9.10.x = 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the...
Mattermost Server 9.5.x < 9.5.8 / 9.10.x < 9.10.1 (MMSA-2024-00359)
The version of Mattermost Server installed on the remote host is prior to 9.5.8 or 9.10.1. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00359 advisory. - Mattermost versions 9.5.x = 9.5.7 and 9.10.x = 9.10.0 fail to time limit and size limit the CA path file in the...
CVE-2024-39810 Server crash via Elasticsearch certificate file
Mattermost versions 9.5.x = 9.5.7 and 9.10.x = 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the...
CVE-2024-39810 Server crash via Elasticsearch certificate file
Mattermost versions 9.5.x = 9.5.7 and 9.10.x = 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the...
CVE-2024-39810 Server crash via Elasticsearch certificate file
Mattermost versions 9.5.x = 9.5.7 and 9.10.x = 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the...