CVE-2024-47003
CVSS 3.1 Score 3.1 of 10 (low)
Details
Summary
CVE-2024-47003 affects Mattermost versions 9.11.x (up to 9.11.0) and 9.5.x (up to 9.5.8). These versions fail to properly validate permalink post messages, allowing an attacker to submit non-string values that can crash the frontend. The vulnerability is rated low severity with an exploitability score of 1.6: it requires low privileges and no user interaction, but it involves high attack complexity and could lead to resource exhaustion. The potential danger is service disruption due to frontend crashes; there is no impact on the confidentiality or integrity of data. Organizations using the affected versions are advised to upgrade to patched releases as a remediation measure. For further information, organizations can reference the vendor advisory at Mattermost's security updates page.