CVE-2024-10214

Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings.
References
Link Resource
https://mattermost.com/security-updates Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*

History

05 Nov 2024, 17:03

Type Values Removed Values Added
References () https://mattermost.com/security-updates - () https://mattermost.com/security-updates - Vendor Advisory
First Time Mattermost mattermost
Mattermost
CPE cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
CWE NVD-CWE-Other

29 Oct 2024, 14:34

Type Values Removed Values Added
Summary
  • (es) Las versiones 9.11.X &lt;= 9.11.1, 9.5.x &lt;= 9.5.9 de Mattermost emiten incorrectamente dos sesiones al usar SSO de escritorio: una en el navegador y otra en el escritorio con configuraciones incorrectas.

28 Oct 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-28 15:15

Updated : 2024-11-05 17:03


NVD link : CVE-2024-10214

Mitre link : CVE-2024-10214

CVE.ORG link : CVE-2024-10214


JSON object : View

Products Affected

mattermost

  • mattermost
CWE
NVD-CWE-Other CWE-303

Incorrect Implementation of Authentication Algorithm