Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server."
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
Fri, 23 Aug 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mattermost
Mattermost mattermost |
|
Weaknesses | CWE-312 | |
CPEs | cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mattermost
Mattermost mattermost |
Thu, 22 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 22 Aug 2024 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server." | |
Title | Email addresses of remote users visible in props regardless of server settings | |
Weaknesses | CWE-284 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-08-22T06:29:01.203Z
Updated: 2024-08-22T13:26:55.790Z
Reserved: 2024-08-20T16:09:35.875Z
Link: CVE-2024-32939
Vulnrichment
Updated: 2024-08-22T13:26:49.556Z
NVD
Status : Analyzed
Published: 2024-08-22T07:15:03.353
Modified: 2024-08-23T16:17:54.027
Link: CVE-2024-32939
Redhat
No data.