Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as 4.0.x versions prior to 4.0.13, 4.1.x versions prior to 4.1.13, and 4.2.x versions prior to 4.2.5.
History

Fri, 08 Nov 2024 16:15:00 +0000

Type: Metrics

Values Removed: (none)

Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-01T16:18:03.528Z

Updated: 2024-11-08T15:46:29.585Z

Reserved: 2024-01-22T22:23:54.340Z

Link: CVE-2024-23832

Vulnrichment

Updated: 2024-08-01T23:13:08.481Z

NVD

Status: Modified

Published: 2024-02-01T17:15:10.677

Modified: 2024-11-21T08:58:31.150

Link: CVE-2024-23832

Redhat

No data.