CVE-2024-24774
CVSS V2 None
CVSS V3 None
Description
Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira issues.
Overview
- CVE ID
- CVE-2024-24774
- Assigner
- Mattermost
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-09T14:46:58.777Z
- Last Modified Date
- 2024-02-09T14:46:58.777Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://mattermost.com/security-updates |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-24774 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24774 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 04:08:14 | Added to TrackCVE |