CVE-2024-1952 — Vulnetix

CVE-2024-1952 PUBLISHED CVSS 3.0999999046325684 LOW

Mattermost incorrectly allows access individual posts

EPSS 0.26% · 49.8th percentile

Risk Scores

CVSS v3.1

3.0999999046325684

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.26%

49.8th percentile

Affected Products

Vendor	Product	Versions
mattermost	mattermost_server	8.1.0, 8.1.0
github.com	mattermost/mattermost/server/v8	9.0.0, 9.0.0
Mattermost	Mattermost	8.1.9, 8.1.0, 9.4

Timeline

Feb 29, 2024 CVE Published
Feb 29, 2024 PoC Published
Feb 29, 2024 PoC Published
Mar 1, 2024 EPSS Score
Mar 27, 2024 EPSS Score
Apr 23, 2024 EPSS Score
May 19, 2024 EPSS Score
Jun 15, 2024 EPSS Score
Jul 12, 2024 EPSS Score
Aug 11, 2024 EPSS Score
Sep 6, 2024 EPSS Score
Oct 2, 2024 EPSS Score

References

https://mattermost.com/security-updates url
https://nvd.nist.gov/vuln/detail/CVE-2024-1952 advisory
https://github.com/advisories/GHSA-r4fm-g65h-cr54 advisory
https://github.com/mattermost/mattermost package

Open in Interactive Console →

$ Console Community · 100/wk Open console ›