Lucene search

MattermostVULNRICHMENT:CVE-2024-36492

HistoryAug 01, 2024 - 2:05 p.m.

CVE-2024-36492 Existing local user overwritten by malicious remote

2024-08-0114:05:01

CWE-284

Mattermost

github.com

cve-2024-36492

mattermost

local user

malicious remote

shared channels

user syncing

security flaw

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

AI Score

6.7

Confidence

High

EPSS

Percentile

14.1%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious remote to overwrite an existing local user.

CNA Affected

[
  {
    "vendor": "Mattermost",
    "product": "Mattermost",
    "versions": [
      {
        "status": "affected",
        "version": "9.9.0"
      },
      {
        "status": "affected",
        "version": "9.5.0",
        "versionType": "semver",
        "lessThanOrEqual": "9.5.6"
      },
      {
        "status": "affected",
        "version": "9.7.0",
        "versionType": "semver",
        "lessThanOrEqual": "9.7.5"
      },
      {
        "status": "affected",
        "version": "9.8.0",
        "versionType": "semver",
        "lessThanOrEqual": "9.8.1"
      },
      {
        "status": "unaffected",
        "version": "9.10.0"
      },
      {
        "status": "unaffected",
        "version": "9.9.1"
      },
      {
        "status": "unaffected",
        "version": "9.5.7"
      },
      {
        "status": "unaffected",
        "version": "9.7.6"
      },
      {
        "status": "unaffected",
        "version": "9.8.2"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

mattermost.com/security-updates