Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2024-14307
HistoryMar 19, 2024 - 12:00 a.m.

Mattermost Authorization Issue Vulnerability (CNVD-2024-14307)

2024-03-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
mattermost
authorization
vulnerability
account takeover
collaboration platform
united states
mattermost inc.

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an authorization problem vulnerability that stems from an inability to properly verify account ownership, which can be exploited by an authenticated attacker to take over another user’s account under certain conditions via a crafted switch request.

Related

cvelist 1
veracode 1
cve 1
nvd 1
cvelist
cvelist
CVE-2024-2450
2024-03-15 09:12:28
veracode
veracode
Improper Authentication
2024-03-27 06:38:20
cve
cve
CVE-2024-2450
2024-03-15 10:15:08
nvd
nvd
CVE-2024-2450
2024-03-15 10:15:08

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for CNVD-2024-14307
cvelist1veracode1cve1nvd1