216.73.217.50

CVE-2024-54083

· Published 16/12/2024 08:15 · Modified 16/12/2024 08:15

Labels: CVE-2024-54083 2024-12-16CVE-2024-54083CWE-1287[email protected]

Essential information

Published
16/12/2024 08:15
Modified
16/12/2024 08:15
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to properly validate the type of callProps which allows a user to cause a client side (webapp and mobile) DoS to users of particular channels, by sending a specially crafted post.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References