CVE-2024-43105

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 23, 2024
CWE ID 400

Summary

CVE-2024-43105 is a vulnerability found in Mattermost Plugin Channel Export versions 1.0.0 and earlier, which fails to limit concurrent executions of the /export command. This flaw allows users to excessively consume system resources by initiating multiple simultaneous export requests, potentially leading to resource exhaustion. Affected products include the Mattermost platform that utilizes this plugin. To remediate this issue, organizations should update to a patched version of the plugin that enforces restrictions on concurrent command executions. The vulnerability has a medium severity rating, with an exploitability score of 2.8, indicating a low complexity attack vector that could disrupt service availability without requiring user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share