CVE-2024-54083
EUVD-2024-352816.12.2024, 08:15
Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to properly validate the type of callProps which allows a user to cause a client side (webapp and mobile) DoS to users of particular channels, by sending a specially crafted post.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mattermost | mattermost_server | 9.5.0 ≤ 𝑥 < 9.5.13 |
| mattermost | mattermost_server | 9.11.0 ≤ 𝑥 < 9.11.5 |
| mattermost | mattermost_server | 10.0.0 ≤ 𝑥 < 10.0.3 |
| mattermost | mattermost_server | 10.1.0 ≤ 𝑥 < 10.1.3 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| mattermost | mattermost | 10.1.0 ≤ 𝑥 ≤ 10.1.2 | CNA |
| mattermost | mattermost | 10.0.0 ≤ 𝑥 ≤ 10.0.2 | CNA |
| mattermost | mattermost | 9.11.0 ≤ 𝑥 ≤ 9.11.4 | CNA |
| mattermost | mattermost | 9.5.0 ≤ 𝑥 ≤ 9.5.12 | CNA |
Common Weakness Enumeration
References