Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
Fri, 13 Dec 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mattermost
Mattermost mattermost Server |
|
Weaknesses | CWE-273 | |
CPEs | cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mattermost
Mattermost mattermost Server |
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-04-05T08:13:01.713Z
Updated: 2024-08-01T22:27:36.465Z
Reserved: 2024-04-03T10:03:48.279Z
Link: CVE-2024-21848
Vulnrichment
Updated: 2024-08-01T22:27:36.465Z
NVD
Status : Analyzed
Published: 2024-04-05T09:15:09.017
Modified: 2024-12-13T16:36:59.837
Link: CVE-2024-21848
Redhat
No data.