CVE-2024-39613
CVSS V2 None
CVSS V3 None
Description
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine.
Overview
- CVE ID
- CVE-2024-39613
- Assigner
- Mattermost
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-16T06:40:58.501Z
- Last Modified Date
- 2024-09-16T13:05:12.477Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://mattermost.com/security-updates |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-39613 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39613 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-10-06 01:43:04 | Added to TrackCVE |