CVE-2024-1949
CVSS V2 None
CVSS V3 None
Description
A race condition in Mattermost versions 8.1.x before 8.1.9, and 9.4.x before 9.4.2 allows an authenticated attacker to gain unauthorized access to individual posts' contents via carefully timed post creation while another user deletes posts.
Overview
- CVE ID
- CVE-2024-1949
- Assigner
- Mattermost
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-29T10:41:54.916Z
- Last Modified Date
- 2024-02-29T10:41:54.916Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://mattermost.com/security-updates |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-1949 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1949 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 06:34:03 | Added to TrackCVE |