CVE-2024-12247
EUVD-2024-5071105.12.2024, 16:15
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mattermost | mattermost_server | 9.7.0 ≤ 𝑥 < 9.7.6 |
| mattermost | mattermost_server | 9.8.0 ≤ 𝑥 < 9.8.3 |
| mattermost | mattermost_server | 9.9.0 ≤ 𝑥 < 9.9.3 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| mattermost | mattermost | 9.7.0 ≤ 𝑥 ≤ 9.7.5 | CNA |
| mattermost | mattermost | 9.8.0 ≤ 𝑥 ≤ 9.8.2 | CNA |
| mattermost | mattermost | 9.9.0 ≤ 𝑥 ≤ 9.9.2 | CNA |
References