CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-43813

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.5%

CVSS Severity

CVSS v3 Score 4.3

References

https://mattermost.com/security-updates

Products affected by CVE-2024-43813

Mattermost » Mattermost » Version: 9.10.0

cpe:2.3:a:mattermost:mattermost:9.10.0
Mattermost » Mattermost » Version: 9.5.0

cpe:2.3:a:mattermost:mattermost:9.5.0
Mattermost » Mattermost » Version: 9.5.1

cpe:2.3:a:mattermost:mattermost:9.5.1
Mattermost » Mattermost » Version: 9.5.2

cpe:2.3:a:mattermost:mattermost:9.5.2
Mattermost » Mattermost » Version: 9.5.3

cpe:2.3:a:mattermost:mattermost:9.5.3
Mattermost » Mattermost » Version: 9.5.4

cpe:2.3:a:mattermost:mattermost:9.5.4
Mattermost » Mattermost » Version: 9.5.5

cpe:2.3:a:mattermost:mattermost:9.5.5
Mattermost » Mattermost » Version: 9.5.6

cpe:2.3:a:mattermost:mattermost:9.5.6
Mattermost » Mattermost » Version: 9.5.7

cpe:2.3:a:mattermost:mattermost:9.5.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-43813

Products

Pricing

Contact Us