cve-2024-6428
Vulnerability from cvelistv5
Published
2024-07-03 08:39
Modified
2024-08-01 21:41
Severity ?
EPSS score ?
Summary
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| responsibledisclosure@mattermost.com | https://mattermost.com/security-updates | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://mattermost.com/security-updates | Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mattermost | Mattermost |
Version: 9.8.0 Version: 9.7.0 ≤ 9.7.4 Version: 9.6.0 ≤ 9.6.2 Version: 9.5.0 ≤ 9.5.5 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mattermost:mattermost:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mattermost",
"vendor": "mattermost",
"versions": [
{
"status": "affected",
"version": "9.8.0"
},
{
"lessThanOrEqual": "9.7.4",
"status": "affected",
"version": "9.7.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.6.2",
"status": "affected",
"version": "9.6.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.5.5",
"status": "affected",
"version": "9.5.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.9.0"
},
{
"status": "unaffected",
"version": "9.8.1"
},
{
"status": "unaffected",
"version": "9.7.5"
},
{
"status": "unaffected",
"version": "9.6.3"
},
{
"status": "unaffected",
"version": "9.5.6"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T13:14:16.920289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:25:17.295Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:41:03.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://mattermost.com/security-updates"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"status": "affected",
"version": "9.8.0"
},
{
"lessThanOrEqual": "9.7.4",
"status": "affected",
"version": "9.7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.6.2",
"status": "affected",
"version": "9.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.5.5",
"status": "affected",
"version": "9.5.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "9.9.0"
},
{
"status": "unaffected",
"version": "9.8.1"
},
{
"status": "unaffected",
"version": "9.7.5"
},
{
"status": "unaffected",
"version": "9.6.3"
},
{
"status": "unaffected",
"version": "9.5.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Juho Fors\u00e9n"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mattermost versions 9.8.0, 9.7.x \u0026lt;= 9.7.4, 9.6.x \u0026lt;= 9.6.2, 9.5.x \u0026lt;= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working. "
}
],
"value": "Mattermost versions 9.8.0, 9.7.x \u003c= 9.7.4, 9.6.x \u003c= 9.6.2, 9.5.x \u003c= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T08:44:34.225Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpdate Mattermost to versions 9.9.0, 9.8.1, 9.7.5, 9.6.3, 9.5.6 or higher.\u003c/p\u003e"
}
],
"value": "Update Mattermost to versions 9.9.0, 9.8.1, 9.7.5, 9.6.3, 9.5.6 or higher."
}
],
"source": {
"advisory": "MMSA-2024-00348",
"defect": [
"https://mattermost.atlassian.net/browse/MM-58278"
],
"discovery": "INTERNAL"
},
"title": "Limited DoS due to permitting creating users with user-defined IDs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2024-6428",
"datePublished": "2024-07-03T08:39:28.121Z",
"dateReserved": "2024-07-01T12:15:48.662Z",
"dateUpdated": "2024-08-01T21:41:03.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6428\",\"sourceIdentifier\":\"responsibledisclosure@mattermost.com\",\"published\":\"2024-07-03T09:15:08.013\",\"lastModified\":\"2024-11-21T09:49:38.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mattermost versions 9.8.0, 9.7.x \u003c= 9.7.4, 9.6.x \u003c= 9.6.2, 9.5.x \u003c= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Mattermost 9.8.0, 9.7.x \u0026lt;= 9.7.4, 9.6.x \u0026lt;= 9.6.2, 9.5.x \u0026lt;= 9.5.5 no evitan especificar un RemoteId al crear un nuevo usuario, lo que permite a un atacante especificar ambos. un ID remoto y el ID de usuario, lo que da como resultado la creaci\u00f3n de un usuario con un ID de usuario definido por el usuario. Esto puede provocar que alguna funcionalidad rota en la Gesti\u00f3n de usuarios, como por ejemplo acciones administrativas contra el usuario, no funcionen.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"responsibledisclosure@mattermost.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"responsibledisclosure@mattermost.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.5.0\",\"versionEndExcluding\":\"9.5.6\",\"matchCriteriaId\":\"D07BE1B5-9663-4112-9F58-A4BAD0BEC92F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.6.0\",\"versionEndExcluding\":\"9.6.3\",\"matchCriteriaId\":\"08894FF3-4671-4A09-BC9C-9C2664072DE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.7.0\",\"versionEndExcluding\":\"9.7.5\",\"matchCriteriaId\":\"EC45455D-F190-4B91-8F5B-8E776495840D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.8.0\",\"versionEndExcluding\":\"9.8.1\",\"matchCriteriaId\":\"68C48441-A3DC-4812-9E7E-92B23E1B95BB\"}]}]}],\"references\":[{\"url\":\"https://mattermost.com/security-updates\",\"source\":\"responsibledisclosure@mattermost.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://mattermost.com/security-updates\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://mattermost.com/security-updates\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T21:41:03.285Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6428\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-03T13:14:16.920289Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:mattermost:mattermost:-:*:*:*:*:*:*:*\"], \"vendor\": \"mattermost\", \"product\": \"mattermost\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.8.0\"}, {\"status\": \"affected\", \"version\": \"9.7.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.7.4\"}, {\"status\": \"affected\", \"version\": \"9.6.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.6.2\"}, {\"status\": \"affected\", \"version\": \"9.5.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.5.5\"}, {\"status\": \"unaffected\", \"version\": \"9.9.0\"}, {\"status\": \"unaffected\", \"version\": \"9.8.1\"}, {\"status\": \"unaffected\", \"version\": \"9.7.5\"}, {\"status\": \"unaffected\", \"version\": \"9.6.3\"}, {\"status\": \"unaffected\", \"version\": \"9.5.6\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-03T13:18:16.621Z\"}}], \"cna\": {\"title\": \"Limited DoS due to permitting creating users with user-defined IDs\", \"source\": {\"defect\": [\"https://mattermost.atlassian.net/browse/MM-58278\"], \"advisory\": \"MMSA-2024-00348\", \"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Juho Fors\\u00e9n\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Mattermost\", \"product\": \"Mattermost\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.8.0\"}, {\"status\": \"affected\", \"version\": \"9.7.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.7.4\"}, {\"status\": \"affected\", \"version\": \"9.6.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.6.2\"}, {\"status\": \"affected\", \"version\": \"9.5.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.5.5\"}, {\"status\": \"unaffected\", \"version\": \"9.9.0\"}, {\"status\": \"unaffected\", \"version\": \"9.8.1\"}, {\"status\": \"unaffected\", \"version\": \"9.7.5\"}, {\"status\": \"unaffected\", \"version\": \"9.6.3\"}, {\"status\": \"unaffected\", \"version\": \"9.5.6\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update Mattermost to versions 9.9.0, 9.8.1, 9.7.5, 9.6.3, 9.5.6 or higher.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eUpdate Mattermost to versions 9.9.0, 9.8.1, 9.7.5, 9.6.3, 9.5.6 or higher.\u003c/p\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://mattermost.com/security-updates\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Mattermost versions 9.8.0, 9.7.x \u003c= 9.7.4, 9.6.x \u003c= 9.6.2, 9.5.x \u003c= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Mattermost versions 9.8.0, 9.7.x \u0026lt;= 9.7.4, 9.6.x \u0026lt;= 9.6.2, 9.5.x \u0026lt;= 9.5.5 fail to prevent specifying a RemoteId when creating a new user which allows an attacker to specify both a remoteId and the user ID, resulting in creating a user with a user-defined user ID. This can cause some broken functionality in User Management such administrative actions against the user not working. \", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284: Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"9302f53e-dde5-4bf3-b2f2-a83f91ac0eee\", \"shortName\": \"Mattermost\", \"dateUpdated\": \"2024-07-03T08:44:34.225Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6428\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T21:41:03.285Z\", \"dateReserved\": \"2024-07-01T12:15:48.662Z\", \"assignerOrgId\": \"9302f53e-dde5-4bf3-b2f2-a83f91ac0eee\", \"datePublished\": \"2024-07-03T08:39:28.121Z\", \"assignerShortName\": \"Mattermost\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.