BIT-mattermost-2024-47145

BIT-mattermost-2024-47145 PUBLISHED CVSS 4.300000190734863 MEDIUM

Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabled, which allows an attacker to view posts and files of archived channels via file links.

Risk Scores

CVSS 3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
Bitnami	mattermost	9.5.0, 9.5.0, 9.5.0

Timeline

Sep 27, 2024 CVE Published
Apr 3, 2025 CVE Updated

References

https://mattermost.com/security-updates url
https://nvd.nist.gov/vuln/detail/CVE-2024-47145 url

Open in Interactive Console →