Mattermost Server
Approved changes feed: RSS · Atom
cpe:2.3:a:mattermost:mattermost_server:9.5.0:*:*:*:*:*:*:*
part: a version: 9.5.0 update: *
| Vendor | Mattermost (ed0788ef-af60-58f1-b6aa-68289d9946dc) |
|---|---|
| Product | Mattermost Server (657bc445-594e-5ca1-a676-4f18538f1c02) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-2450 |
vulnerable | 2026-06-03 14:55:29.277133 |
Details available
HIGH (8.8)
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to correctly verify account ownership when switching from email to SAML authentication, allowing an authenticated attacker to take over other user accounts via a crafted switch request under specific conditions.
Published: 2024-03-15T09:12:28.880Z
Updated: 2024-08-02T20:35:32.666Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.