CVE-2024-39832

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled.
References
Link Resource
https://mattermost.com/security-updates Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:9.9.0:*:*:*:*:*:*:*

History

23 Aug 2024, 14:35

Type Values Removed Values Added
CPE cpe:2.3:a:mattermost:mattermost:9.9.0:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*
Summary
  • (es) Las versiones de Mattermost 9.9.x &lt;= 9.9.0, 9.5.x &lt;= 9.5.6, 9.7.x &lt;= 9.7.5, 9.8.x &lt;= 9.8.1 no protegen adecuadamente un manejo de errores que permite que un control remoto malicioso eliminar permanentemente datos locales abusando del manejo de errores peligroso, cuando se habilitaron los canales compartidos.
References () https://mattermost.com/security-updates - () https://mattermost.com/security-updates - Vendor Advisory
First Time Mattermost mattermost
Mattermost
CVSS v2 : unknown
v3 : 6.8
v2 : unknown
v3 : 8.7

01 Aug 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-01 15:15

Updated : 2024-08-23 14:35


NVD link : CVE-2024-39832

Mitre link : CVE-2024-39832

CVE.ORG link : CVE-2024-39832


JSON object : View

Products Affected

mattermost

  • mattermost
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions