Lucene search
K

4 matches found

NVD
NVD
added 2024/11/09 6:15 p.m.17 views

CVE-2024-52032

Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...

4.3CVSS0.00288EPSS
Exploits0References1
Circl
Circl
added 2024/11/09 5:28 p.m.10 views

CVE-2024-52032

creationtimestamp| type| source ---|---|--- 2024-11-09 17:28:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113454173342773017 2024-11-09 19:47:08+00:00| seen| https://t.me/cvedetector/10409...

4.3CVSS4.8AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/09 5:19 p.m.21 views

CVE-2024-52032 Private channel names leaking when Elasticsearch is enabled

Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...

4.3CVSS0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/09 5:19 p.m.14 views

CVE-2024-52032 Private channel names leaking when Elasticsearch is enabled

Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...

4.3CVSS6.8AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder