Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider.
References
History

Mon, 16 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Dec 2024 16:45:00 +0000

Type Values Removed Values Added
Description Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider.
Title Insecure Android File Provider Paths
Weaknesses CWE-284
References
Metrics cvssV3_1

{'score': 5.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2024-12-16T16:20:27.908Z

Updated: 2024-12-16T18:09:54.764Z

Reserved: 2024-11-18T18:41:08.491Z

Link: CVE-2024-11358

cve-icon Vulnrichment

Updated: 2024-12-16T18:09:47.273Z

cve-icon NVD

Status : Received

Published: 2024-12-16T17:15:07.543

Modified: 2024-12-16T17:15:07.543

Link: CVE-2024-11358

cve-icon Redhat

No data.