CVE-2024-43813

NVD Published Date: August 22, 2024 at 07:15 AM
NVD Last Modified: August 23, 2024 at 03:35 PM
Download Patch
Vulnerability ID
CVE-2024-43813
Severity
MEDIUM
Severity Score
4.3
Summary
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which allows any authenticated user, including guests, to mark any channel inside any team as read for any user.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE ID
NVD-CWE-Other

Recent Publish

CVE-2024-39810

CVE-2024-42411

CVE-2024-32939

CVE-2024-39836

CVE-2024-40886

CVE-2024-8071

See SecOps Solution
in action

Schedule Demo