5 matches found
CVE-2024-48872
Mattermost versions 10.1.x = 10.1.2, 10.0.x = 10.0.2, 9.11.x = 9.11.4, and 9.5.x = 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being...
CVE-2024-48872
Mattermost versions 10.1.x = 10.1.2, 10.0.x = 10.0.2, 9.11.x = 9.11.4, and 9.5.x = 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being...
CVE-2024-48872
Mattermost server CVE-2024-48872 affects 9.5.x (up to 9.5.12), 9.11.x (up to 9.11.4), 10.0.x (up to 10.0.2), and 10.1.x (up to 10.1.2). The issue is a race condition where concurrent login attempts are not prevented from updating the failure counter, allowing an attacker to bypass the Max failed ...
CVE-2024-48872 Bypass of "Max failed attempts" restriction via race condition
Mattermost versions 10.1.x = 10.1.2, 10.0.x = 10.0.2, 9.11.x = 9.11.4, and 9.5.x = 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being...
CVE-2024-48872 Bypass of "Max failed attempts" restriction via race condition
Mattermost versions 10.1.x = 10.1.2, 10.0.x = 10.0.2, 9.11.x = 9.11.4, and 9.5.x = 9.5.12 fail to prevent concurrently checking and updating the failed login attempts. which allows an attacker to bypass of "Max failed attempts" restriction and send a big number of login attempts before being...