Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI schemes.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
Wed, 07 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mattermost
Mattermost mattermost Desktop |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:mattermost:mattermost_desktop:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mattermost
Mattermost mattermost Desktop |
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-06-14T08:39:19.578Z
Updated: 2024-08-02T03:50:55.403Z
Reserved: 2024-06-14T08:22:33.365Z
Link: CVE-2024-37182
Vulnrichment
Updated: 2024-08-02T03:50:55.403Z
NVD
Status : Modified
Published: 2024-06-14T09:15:10.013
Modified: 2024-11-21T09:23:22.580
Link: CVE-2024-37182
Redhat
No data.