CERTFR-2025-AVI-0801
Vulnerability from certfr_avis - Published: 2025-09-17 - Updated: 2025-10-16
Multiple vulnerabilities have been discovered in Mattermost products. Some of them allow an attacker to cause a remote denial of service, compromise data confidentiality and bypass the security policy.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
Impacted products
| Vendor | Product | Affected versions |
|---|---|---|
| Mattermost | Mattermost Server | 10.5.x versions prior to 10.5.11 |
| Mattermost | Mattermost Server | 10.10.x versions prior to 10.10.3 |
| Mattermost | Mattermost Server | 10.11.x versions prior to 10.11.3 |
| Mattermost | Mattermost Desktop App | versions prior to 5.13.1.0 |
Note that the CVE records below do not all agree with the 10.5 threshold: CVE-2025-41443 lists 10.5.x up to and including 10.5.12 as affected, with 10.5.13 as the first fixed 10.5 release, so 10.5.11 closes the other 10.5.x issues in this advisory but not that one. When in doubt, take the fixed version from each CVE record.
References
Vendor advisories (all at https://mattermost.com/security-updates/): MMSA-2025-00496, MMSA-2025-00497, MMSA-2025-00507, MMSA-2025-00508, MMSA-2025-00514, MMSA-2025-00515, MMSA-2025-00516, MMSA-2025-00525.
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mattermost Server versions 10.10.x ant\u00e9rieures \u00e0 10.10.3",
"product": {
"name": "Mattermost Server",
"vendor": {
"name": "Mattermost",
"scada": false
}
}
},
{
"description": "Mattermost Server versions 10.5.x ant\u00e9rieures \u00e0 10.5.11",
"product": {
"name": "Mattermost Server",
"vendor": {
"name": "Mattermost",
"scada": false
}
}
},
{
"description": "Mattermost Desktop App versions ant\u00e9rieures \u00e0 5.13.1.0",
"product": {
"name": "Mattermost Desktop App",
"vendor": {
"name": "Mattermost",
"scada": false
}
}
},
{
"description": "Mattermost Server versions 10.11.x ant\u00e9rieures \u00e0 10.11.3",
"product": {
"name": "Mattermost Server",
"vendor": {
"name": "Mattermost",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58084"
},
{
"name": "CVE-2025-58073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58073"
},
{
"name": "CVE-2025-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58075"
},
{
"name": "CVE-2025-41443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41443"
},
{
"name": "CVE-2025-54499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54499"
},
{
"name": "CVE-2025-10545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10545"
},
{
"name": "CVE-2025-41410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41410"
}
],
"initial_release_date": "2025-09-17T00:00:00",
"last_revision_date": "2025-10-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0801",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-17T00:00:00.000000"
},
{
"description": "Ajout de l\u0027identifiant CVE-2025-58084 et modification du risque.",
"revision_date": "2025-10-14T00:00:00.000000"
},
{
"description": "Ajout des identifiants CVE et modification du risque",
"revision_date": "2025-10-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mattermost. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mattermost",
"vendor_advisories": [
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00497",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00496",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00507",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00508",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00525",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00516",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00514",
"url": "https://mattermost.com/security-updates/"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Mattermost MMSA-2025-00515",
"url": "https://mattermost.com/security-updates/"
}
]
}
CVE-2025-41443 (GCVE-0-2025-41443)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:10 – Updated: 2025-10-29 08:06
Summary
Mattermost versions 10.5.x <= 10.5.12 and 10.11.x <= 10.11.2 fail to properly validate guest user permissions when accessing channel information, which allows guest users to discover active public channels and their metadata via the `/api/v4/teams/{team_id}/channels/ids` endpoint.
Severity
4.3 (Medium), CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
- CWE-862 - Missing Authorization
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00496)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.5.0 to 10.5.12 (semver); 10.11.0 to 10.11.2 (semver) | 10.5.13; 10.11.3; 10.12.0 |
Credits
lordwillmore
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:58:02.191501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:58:12.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.5.12",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.11.2",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.5.13"
},
{
"status": "unaffected",
"version": "10.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "lordwillmore"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.5.x \u003c= 10.5.12, 10.11.x \u003c= 10.11.2 fail to properly validate guest user permissions when accessing channel information which allows guest users to discover active public channels and their metadata via the `/api/v4/teams/{team_id}/channels/ids` endpoint"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T08:06:29.837Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.5.13, 10.11.3 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00496",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64452"
],
"discovery": "EXTERNAL"
},
"title": "Guest user can discover active public channels"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-41443",
"datePublished": "2025-10-16T08:10:40.582Z",
"dateReserved": "2025-09-16T08:32:57.376Z",
"dateUpdated": "2025-10-29T08:06:29.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58073 (GCVE-0-2025-58073)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:44 – Updated: 2025-10-22 03:55
Summary
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2 and 10.5.x <= 10.5.10 fail to verify that a user has permission to join a Mattermost team using the original invite token, which allows any attacker to join any team on a Mattermost server, regardless of that team's restrictions, by manipulating the OAuth state.
Severity
8.1 (High), CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE
- CWE-862 - Missing Authorization
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00507)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.11.0 to 10.11.1 (semver); 10.10.0 to 10.10.2 (semver); 10.5.0 to 10.5.10 (semver) | 10.11.2; 10.10.3; 10.5.11; 10.12.0 |
Credits
DoyenSec
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:55:15.316Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.11.1",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.10.2",
"status": "affected",
"version": "10.10.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.5.10",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.11.2"
},
{
"status": "unaffected",
"version": "10.10.3"
},
{
"status": "unaffected",
"version": "10.5.11"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "DoyenSec"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.11.x \u003c= 10.11.1, 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T08:44:26.158Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.11.2, 10.10.3, 10.5.11 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00507",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64897"
],
"discovery": "EXTERNAL"
},
"title": "Arbitrary Mattermost Team can be joined by manipulating the OAuth state"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-58073",
"datePublished": "2025-10-16T08:44:26.158Z",
"dateReserved": "2025-09-16T08:32:57.336Z",
"dateUpdated": "2025-10-22T03:55:15.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58075 (GCVE-0-2025-58075)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:20 – Updated: 2025-10-22 03:55
Summary
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2 and 10.5.x <= 10.5.10 fail to verify that a user has permission to join a Mattermost team using the original invite token, which allows any attacker to join any team on a Mattermost server, regardless of that team's restrictions, by manipulating the SAML RelayState.
Severity
8.1 (High), CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE
- CWE-862 - Missing Authorization
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00508)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.11.0 to 10.11.1 (semver); 10.10.0 to 10.10.2 (semver); 10.5.0 to 10.5.10 (semver) | 10.11.2; 10.10.3; 10.5.11; 10.12.0 |
Credits
DoyenSec
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58075",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:55:13.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.11.1",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.10.2",
"status": "affected",
"version": "10.10.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.5.10",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.11.2"
},
{
"status": "unaffected",
"version": "10.10.3"
},
{
"status": "unaffected",
"version": "10.5.11"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "DoyenSec"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.11.x \u003c= 10.11.1, 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacked to join any team on a Mattermost server regardless of restrictions via manipulating the RelayState"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T08:20:06.939Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.11.2, 10.10.3, 10.5.11 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00508",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64895"
],
"discovery": "EXTERNAL"
},
"title": "Arbitrary Mattermost Team can be joined by manipulating the SAML RelayState"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-58075",
"datePublished": "2025-10-16T08:20:06.939Z",
"dateReserved": "2025-09-16T08:32:57.321Z",
"dateUpdated": "2025-10-22T03:55:13.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
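CVE-2025-58073 and CVE-2025-58075 above are the same design mistake seen through two protocols: the value round-tripped through the identity provider (the OAuth `state` or the SAML `RelayState`) was treated as authorization data, so a user holding an invite for one team could edit it to name another team and be joined there, ignoring that team's restrictions. The Go program below is an added example, not Mattermost's code, contrasting a callback that trusts a client-controlled state with one that keeps the join context server-side behind an opaque single-use nonce and re-authorizes at join time. The `Server`, `Team` and `User` types, the `team_id`/`token` layout of the vulnerable state, the sample teams, invite tokens and the `forgedState` value are constructed assumptions for the illustration; the IdP round-trip itself is elided.

```go
package main

import (
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

type (
	Team   struct{ ID, AllowedDomain string } // AllowedDomain "" means any email domain may join
	User   struct{ ID, Email string }
	Server struct {
		teams   map[string]*Team
		invites map[string]string // invite token -> team it was issued for
		pending map[string]string // opaque state -> invite token (fixed flow only)
	}
	// stateClaims is what the vulnerable pattern round-trips through the IdP as
	// the OAuth state / SAML RelayState: unsigned, so the client can rewrite it.
	stateClaims struct {
		TeamID string `json:"team_id"`
		Token  string `json:"token"`
	}
)

// VulnerableCompleteLogin trusts the team ID in the state. It checks that the
// token is real, not that it was issued for that team, so a holder of an invite
// to an open team can rewrite team_id and be joined to any other team.
func (s *Server) VulnerableCompleteLogin(u User, state string) (string, error) {
	var c stateClaims
	if err := json.Unmarshal([]byte(state), &c); err != nil {
		return "", err
	}
	if _, ok := s.teams[c.TeamID]; !ok || s.invites[c.Token] == "" {
		return "", errors.New("unknown team or invalid invite")
	}
	return c.TeamID, nil // the caller adds u to this team
}

// BeginLogin (fixed flow): validate the invite up front, keep it server-side,
// and hand the IdP an opaque single-use nonce that carries no authorization data.
func (s *Server) BeginLogin(inviteToken string) (string, error) {
	if s.invites[inviteToken] == "" {
		return "", errors.New("invalid invite token")
	}
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	state := base64.RawURLEncoding.EncodeToString(nonce)
	s.pending[state] = inviteToken
	return state, nil
}

// CompleteLogin (fixed flow): re-authorize from server-side data only. The team
// is derived from the stored invite, which must still be valid, and the
// authenticated user's email must satisfy that team's restriction.
func (s *Server) CompleteLogin(u User, state string) (string, error) {
	token, ok := s.pending[state]
	if !ok {
		return "", errors.New("unknown or replayed state")
	}
	delete(s.pending, state) // single use: a replayed callback is rejected
	team, ok := s.teams[s.invites[token]]
	if !ok {
		return "", errors.New("invite token revoked")
	}
	if team.AllowedDomain != "" && !strings.HasSuffix(strings.ToLower(u.Email), "@"+team.AllowedDomain) {
		return "", errors.New("email domain not permitted for this team")
	}
	return team.ID, nil // the caller adds u to this team
}

// newDemoServer builds constructed sample data: an open sandbox team and a
// finance team restricted to corp.example addresses.
func newDemoServer() *Server {
	return &Server{
		teams:   map[string]*Team{"sandbox": {ID: "sandbox"}, "finance": {ID: "finance", AllowedDomain: "corp.example"}},
		invites: map[string]string{"inv-sandbox-1": "sandbox", "inv-finance-1": "finance"},
		pending: map[string]string{},
	}
}

// forgedState: Mallory holds a sandbox invite but names the finance team.
const forgedState = `{"team_id":"finance","token":"inv-sandbox-1"}`

func main() {
	s, mallory := newDemoServer(), User{ID: "u-mallory", Email: "mallory@evil.example"}
	fmt.Println(s.VulnerableCompleteLogin(mallory, forgedState)) // finance <nil>
	state, _ := s.BeginLogin("inv-sandbox-1")
	fmt.Println(s.CompleteLogin(mallory, state)) // sandbox <nil>
	fmt.Println(s.CompleteLogin(mallory, forgedState)) // unknown or replayed state
}
```

The point of the fixed flow is that nothing the client can edit decides which team is joined: the state is only a lookup key, it is consumed on first use, and the invite-to-team binding and the domain restriction are checked again at the moment of joining, after the identity provider has said who the user is. Signing the state would stop tampering too, but it would still leave the join decision encoded on the client side; re-authorizing server-side is the simpler property to reason about.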
CVE-2025-41410 (GCVE-0-2025-41410)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:39 – Updated: 2025-10-16 14:00
Summary
Mattermost versions 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 and 10.11.x <= 10.11.2 fail to validate email ownership during the Slack import process, which allows attackers to create verified user accounts with arbitrary email domains via malicious Slack import data and so bypass email-based team access restrictions.
Severity
5.4 (Medium), CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE
- CWE-862 - Missing Authorization
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00525)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.10.0 to 10.10.2 (semver); 10.5.0 to 10.5.10 (semver); 10.11.0 to 10.11.2 (semver) | 10.10.3; 10.5.11; 10.11.3; 10.12.0 |
Credits
daw10
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41410",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:59:31.979617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:00:19.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.10.2",
"status": "affected",
"version": "10.10.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.5.10",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.11.2",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.10.3"
},
{
"status": "unaffected",
"version": "10.5.11"
},
{
"status": "unaffected",
"version": "10.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "daw10"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.10.x \u003c= 10.10.2, 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to validate email ownership during Slack import process which allows attackers to create verified user accounts with arbitrary email domains via malicious Slack import data to bypass email-based team access restrictions"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T08:39:58.233Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.10.3, 10.5.11, 10.11.3 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00525",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64924"
],
"discovery": "EXTERNAL"
},
"title": "Slack import bypasses email verification for team access controls"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-41410",
"datePublished": "2025-10-16T08:39:58.233Z",
"dateReserved": "2025-09-16T08:32:57.345Z",
"dateUpdated": "2025-10-16T14:00:19.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
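CVE-2025-41410 above is a trust-boundary error rather than a parsing bug: an email address found in import data was recorded as verified, and a domain-based team restriction is only as strong as the verification behind the address it checks. The Go program below is an added example, not Mattermost's importer, showing the two behaviours side by side and why the downstream check must refuse an unverified address before it ever looks at the domain. The `slackUser` field layout is this example's reading of a Slack `users.json`, `ImportUsers` and `CanJoinRestrictedTeam` are hypothetical names, and `maliciousExport` is a constructed export fragment.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// slackUser holds the fields of a Slack export's users.json consulted here
// (the field names are this example's assumption about the export format).
type slackUser struct {
	ID      string `json:"id"`
	Name    string `json:"name"`
	Profile struct {
		Email string `json:"email"`
	} `json:"profile"`
}

type Account struct {
	Username      string
	Email         string
	EmailVerified bool
}

// ImportUsers creates accounts from export data. With trustImportedEmail set
// it reproduces the flaw: the address in the file is marked verified although
// nobody has proven control of it. The fixed behaviour leaves the address
// unverified until the user completes the normal verification flow.
func ImportUsers(export []byte, trustImportedEmail bool) ([]Account, error) {
	var users []slackUser
	if err := json.Unmarshal(export, &users); err != nil {
		return nil, err
	}
	var accounts []Account
	for _, u := range users {
		email := strings.ToLower(strings.TrimSpace(u.Profile.Email))
		if u.Name == "" || strings.Count(email, "@") != 1 {
			continue // records that cannot become a valid account are skipped
		}
		accounts = append(accounts, Account{Username: u.Name, Email: email, EmailVerified: trustImportedEmail})
	}
	return accounts, nil
}

// CanJoinRestrictedTeam enforces an allowed-domain list. The domain check is
// meaningless for an address the user has not proven they control, so an
// unverified address is refused before the domain is even examined.
func CanJoinRestrictedTeam(a Account, allowedDomains []string) error {
	if !a.EmailVerified {
		return errors.New("email address not verified")
	}
	domain := a.Email[strings.LastIndex(a.Email, "@")+1:]
	for _, d := range allowedDomains {
		if strings.EqualFold(domain, d) {
			return nil
		}
	}
	return errors.New("email domain not allowed")
}

// maliciousExport is a constructed users.json fragment: the importer controls
// the source workspace and simply writes a corp.example address for their user.
const maliciousExport = `[
  {"id": "U01", "name": "mallory", "profile": {"email": "cfo@corp.example"}},
  {"id": "U02", "name": "", "profile": {"email": "nobody@corp.example"}}
]`

func main() {
	allowed := []string{"corp.example"}
	for _, trust := range []bool{true, false} {
		accounts, err := ImportUsers([]byte(maliciousExport), trust)
		if err != nil {
			panic(err)
		}
		fmt.Printf("trust imported email=%v: %d account(s); join restricted team: %v\n",
			trust, len(accounts), CanJoinRestrictedTeam(accounts[0], allowed))
	}
}
```

The same rule applies to any bulk-import or migration path (LDAP, CSV, another chat product): verification state is a claim the target system has to establish itself, not a field to copy from the source.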
CVE-2025-10545 (GCVE-0-2025-10545)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:24 – Updated: 2025-10-16 14:14
Summary
Mattermost versions 10.5.x <= 10.5.10 and 10.11.x <= 10.11.2 fail to properly validate guest user permissions when adding channel members, which allows guest users to add any team members to their private channels via the `/api/v4/channels/{channel_id}/members` endpoint.
Severity
3.1 (Low), CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
- CWE-863 - Incorrect Authorization
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00497)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.5.0 to 10.5.10 (semver); 10.11.0 to 10.11.2 (semver) | 10.5.11; 10.11.3; 10.12.0 |
Credits
lordwillmore
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:13:30.975814Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:14:09.887Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.5.10",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.11.2",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.5.11"
},
{
"status": "unaffected",
"version": "10.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "lordwillmore"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to properly validate guest user permissions when adding channel members which allows guest users to add any team members to their private channels via the `/api/v4/channels/{channel_id}/members` endpoint"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T08:24:25.928Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.5.11, 10.11.3 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00497",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64444"
],
"discovery": "EXTERNAL"
},
"title": "Guest user can add unauthorized team users to private channels"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-10545",
"datePublished": "2025-10-16T08:24:25.928Z",
"dateReserved": "2025-09-16T08:41:00.850Z",
"dateUpdated": "2025-10-16T14:14:09.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
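CVE-2025-41443 and CVE-2025-10545 above are both gaps in guest-role authorization: one endpoint let a guest confirm which public channels exist in a team, the other let a guest add arbitrary team members to a private channel. Both share the pattern of checking team membership and channel membership but never consulting the caller's role. The Go program below is an added example, not Mattermost's code, modelling the two checks against an in-memory store with the flawed and the corrected variant of each. The `Store`, `Channel` and `User` types, the policy enforced (a guest sees only channels they are a member of and may not add channel members at all) and the sample team and channels are assumptions made for the illustration, not Mattermost's real permission scheme.

```go
package main

import (
	"errors"
	"fmt"
)

// Role distinguishes regular team members from guests. The policy below (a guest
// sees only channels they belong to and may not add members) is this example's
// assumption, not Mattermost's actual permission scheme.
type Role int

const (
	RoleMember Role = iota
	RoleGuest
)

type (
	User    struct{ ID string; Role Role }
	Channel struct { ID, TeamID string; Private bool; Members map[string]bool } // Members: user ID -> channel member
	Store   struct {
		teamMembers map[string]map[string]bool // team ID -> user ID -> team member
		channels    map[string]*Channel
	}
)

var errForbidden = errors.New("forbidden")

// VulnerableChannelsByIDs resolves channel IDs the way the flawed endpoint did:
// private channels the caller is not in are hidden, but guests and members get
// the same rule, so a guest can probe for every public channel in the team.
func (s *Store) VulnerableChannelsByIDs(actor User, teamID string, ids []string) ([]string, error) {
	if !s.teamMembers[teamID][actor.ID] {
		return nil, errForbidden
	}
	var visible []string
	for _, id := range ids {
		if c, ok := s.channels[id]; ok && c.TeamID == teamID && (!c.Private || c.Members[actor.ID]) {
			visible = append(visible, id)
		}
	}
	return visible, nil
}

// ChannelsByIDs adds the missing role check: a guest only gets back channels
// they are a member of, whether public or private.
func (s *Store) ChannelsByIDs(actor User, teamID string, ids []string) ([]string, error) {
	if !s.teamMembers[teamID][actor.ID] {
		return nil, errForbidden
	}
	var visible []string
	for _, id := range ids {
		c, ok := s.channels[id]
		if !ok || c.TeamID != teamID {
			continue
		}
		if c.Members[actor.ID] || (!c.Private && actor.Role != RoleGuest) {
			visible = append(visible, id)
		}
	}
	return visible, nil
}

// VulnerableAddMember checks that the actor is in the channel and the target is
// in the channel's team, but never asks whether the actor's role permits adding
// members, so a guest can pull any team member into their private channel.
func (s *Store) VulnerableAddMember(actor User, channelID, targetID string) error {
	c, ok := s.channels[channelID]
	if !ok || !c.Members[actor.ID] || !s.teamMembers[c.TeamID][targetID] {
		return errForbidden
	}
	c.Members[targetID] = true
	return nil
}

// AddMember performs the role check first, then the same membership checks.
func (s *Store) AddMember(actor User, channelID, targetID string) error {
	if actor.Role == RoleGuest {
		return errForbidden
	}
	return s.VulnerableAddMember(actor, channelID, targetID)
}

// newDemoStore builds constructed sample data: one team with a member (alice)
// and a guest (gwen), two public channels and two private ones.
func newDemoStore() *Store {
	return &Store{
		teamMembers: map[string]map[string]bool{"eng": {"alice": true, "gwen": true}},
		channels: map[string]*Channel{
			"town-square":  {ID: "town-square", TeamID: "eng", Members: map[string]bool{"alice": true}},
			"ops":          {ID: "ops", TeamID: "eng", Members: map[string]bool{"alice": true}},
			"gwen-private": {ID: "gwen-private", TeamID: "eng", Private: true, Members: map[string]bool{"gwen": true}},
			"secret":       {ID: "secret", TeamID: "eng", Private: true, Members: map[string]bool{"alice": true}},
		},
	}
}

func main() {
	s, gwen := newDemoStore(), User{ID: "gwen", Role: RoleGuest}
	probe := []string{"town-square", "ops", "gwen-private", "secret"}
	v, _ := s.VulnerableChannelsByIDs(gwen, "eng", probe)
	h, _ := s.ChannelsByIDs(gwen, "eng", probe)
	fmt.Println(v, h) // [town-square ops gwen-private] [gwen-private]
	fmt.Println(s.AddMember(gwen, "gwen-private", "alice"), s.VulnerableAddMember(gwen, "gwen-private", "alice")) // forbidden <nil>
}
```

When reviewing handlers like these, the question to ask of every branch is not "is the caller in the team?" but "does this caller's role allow this operation on this object?"; a guest role that is only enforced at the UI layer, or only on some endpoints, is no boundary at all.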
CVE-2025-54499 (GCVE-0-2025-54499)
Vulnerability from cvelistv5 – Published: 2025-10-16 08:17 – Updated: 2025-10-16 13:51
Summary
Mattermost versions 10.5.x <= 10.5.10 and 10.11.x <= 10.11.2 fail to use constant-time comparison for sensitive string comparisons, which allows attackers to exploit timing oracles and perform byte-by-byte brute-force attacks via response-time analysis on Cloud API keys and OAuth client secrets.
Severity
3.1 (Low), CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00516)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost | 10.5.0 to 10.5.10 (semver); 10.11.0 to 10.11.2 (semver) | 10.5.11; 10.11.3; 10.12.0 |
Credits
DoyenSec
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:49:58.206427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:51:10.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "10.5.10",
"status": "affected",
"version": "10.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.11.2",
"status": "affected",
"version": "10.11.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.12.0"
},
{
"status": "unaffected",
"version": "10.5.11"
},
{
"status": "unaffected",
"version": "10.11.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "DoyenSec"
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost versions 10.5.x \u003c= 10.5.10, 10.11.x \u003c= 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T08:17:20.937Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"value": "Update Mattermost to versions 10.12.0, 10.5.11, 10.11.3 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00516",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64968"
],
"discovery": "EXTERNAL"
},
"title": "Insecure string comparison enables timing attacks"
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-54499",
"datePublished": "2025-10-16T08:17:20.937Z",
"dateReserved": "2025-09-16T08:32:57.368Z",
"dateUpdated": "2025-10-16T13:51:10.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
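CVE-2025-54499 above is the classic timing oracle: a comparison that returns at the first mismatching byte does an amount of work proportional to how much of the secret the guess already has right, and an attacker who can measure that turns a 256^n search into 256*n. The Go program below is an added example, not Mattermost's code, showing why the early-exit comparison leaks and how `crypto/subtle.ConstantTimeCompare` closes the leak. Instead of measuring wall-clock time, the flawed comparison reports how many bytes it examined, which makes the byte-by-byte recovery deterministic and runnable anywhere; the secret value is constructed, the attacker is assumed to know its length, and `naiveEqual`, `recoverByOracle` and `oracleFor` are names chosen for the illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
)

// naiveEqual mirrors the flawed pattern: a comparison (a byte loop here, but a
// plain string == behaves the same) that stops at the first mismatching byte.
// The work done, and so the response time, grows with the length of the correct
// prefix in the guess. It returns how many bytes it examined so the leak can be
// observed deterministically instead of through noisy timing measurements.
func naiveEqual(secret, guess []byte) (equal bool, examined int) {
	if len(secret) != len(guess) {
		return false, 0
	}
	for i := range secret {
		examined++
		if secret[i] != guess[i] {
			return false, examined
		}
	}
	return true, examined
}

// constantTimeEqual examines every byte regardless of where a mismatch is, so
// the work done does not depend on the guess.
func constantTimeEqual(secret, guess []byte) bool {
	return subtle.ConstantTimeCompare(secret, guess) == 1
}

// oracleFor turns a comparison function into the attacker's view of the server:
// a cost standing in for measured response time, plus one extra step when the
// comparison succeeds, because an accepted request is observable as well.
func oracleFor(secret []byte, compare func(secret, guess []byte) (bool, int)) func([]byte) int {
	return func(guess []byte) int {
		ok, cost := compare(secret, guess)
		if ok {
			cost++
		}
		return cost
	}
}

// recoverByOracle is the byte-by-byte brute force. For each position it tries
// all 256 values and keeps the one that made the comparison run longest. A real
// attacker needs many samples per guess and statistics to average out network
// jitter; the search itself is the same.
func recoverByOracle(oracle func(guess []byte) int, length int) []byte {
	recovered := make([]byte, length)
	for pos := 0; pos < length; pos++ {
		best, bestCost := byte(0), -1
		for b := 0; b < 256; b++ {
			recovered[pos] = byte(b)
			if cost := oracle(recovered); cost > bestCost {
				best, bestCost = byte(b), cost
			}
		}
		recovered[pos] = best
	}
	return recovered
}

func main() {
	secret := []byte("mmcloud-7f3a9c") // constructed example API key
	leaky := oracleFor(secret, naiveEqual)
	fmt.Printf("against naive compare:    %q\n", recoverByOracle(leaky, len(secret)))
	safe := oracleFor(secret, func(s, g []byte) (bool, int) { return constantTimeEqual(s, g), 0 })
	fmt.Printf("against constant-time:    %q\n", recoverByOracle(safe, len(secret)))
}
```

Against the constant-time oracle every wrong guess costs the same, so the search degenerates to picking the first candidate at every position and recovers nothing. Two practical notes: the length check in `naiveEqual` is itself a (minor) oracle, which is why real implementations compare fixed-length digests or HMACs of the secret rather than the raw value, and `ConstantTimeCompare` only helps if it is used on every path that touches the secret, including lookups that select a record by key before comparing.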
CVE-2025-58084 (GCVE-0-2025-58084)
Vulnerability from cvelistv5 – Published: 2025-10-13 19:57 – Updated: 2025-10-14 14:28
Summary
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL.
Severity
3.5 (Low), CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Mattermost
References
- https://mattermost.com/security-updates (MMSA-2025-00514)
Impacted products
| Vendor | Product | Affected versions | Fixed in |
|---|---|---|---|
| Mattermost | Mattermost Desktop App | all versions up to and including 5.13.0 (semver) | 5.13.1 |
Credits
Doyensec
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58084",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T14:28:39.740317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T14:28:52.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "5.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "5.13.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Doyensec"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(227, 228, 232, 0.04);\"\u003eMattermost Desktop App versions \u0026lt;= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user\u0027s application by sending the user a malformed URL.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Mattermost Desktop App versions \u003c= 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user\u0027s application by sending the user a malformed URL."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-13T19:57:23.997Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpdate Mattermost Desktop App to versions 5.13.1 or higher.\u003c/p\u003e"
}
],
"value": "Update Mattermost Desktop App to versions 5.13.1 or higher."
}
],
"source": {
"advisory": "MMSA-2025-00514",
"defect": [
"https://mattermost.atlassian.net/browse/MM-64948"
],
"discovery": "EXTERNAL"
},
"title": "Mattermost Desktop App crashes when clicking on malformed external URL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-58084",
"datePublished": "2025-10-13T19:57:23.997Z",
"dateReserved": "2025-09-11T18:33:39.540Z",
"dateUpdated": "2025-10-14T14:28:52.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
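CVE-2025-58084 above is a robustness failure at a trust boundary the desktop client tends to forget: a server the user has added is still remote input, and a link that arrives from it has to be parsed defensively before the client decides what to do with it (the record's title says the crash fires when the user clicks the link, matching the UI:R in the vector). The Go function below is an added example, not the desktop app's code (which is JavaScript/Electron), written in the same language as the other examples on this page. It shows the shape of the check: parse first, treat a parse error as a refusal rather than an exception that unwinds the UI, allow only http(s), and distinguish links on a configured server from links elsewhere. The `ClassifyURL` name, the `Action` values and the sample links are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

type Action int

const (
	Refuse       Action = iota // do nothing with the link
	OpenInApp                  // the link belongs to a configured server
	OpenExternal               // well-formed web link elsewhere: hand to the OS browser
)

// ClassifyURL decides what a client should do with a link it received from a
// server it is connected to. Every failure path, including a parse error, ends
// in Refuse with an error the caller can log: a server the user has added must
// not be able to crash the client by sending something that does not parse.
func ClassifyURL(raw string, configuredServers []string) (Action, error) {
	u, err := url.Parse(strings.TrimSpace(raw))
	if err != nil {
		return Refuse, fmt.Errorf("malformed URL: %w", err)
	}
	scheme := strings.ToLower(u.Scheme)
	if scheme != "http" && scheme != "https" {
		return Refuse, fmt.Errorf("scheme %q is not allowed", u.Scheme)
	}
	if u.Hostname() == "" {
		return Refuse, errors.New("missing host")
	}
	for _, server := range configuredServers {
		base, err := url.Parse(server)
		if err != nil {
			continue // a bad server entry must not make every link external
		}
		if strings.EqualFold(base.Scheme, scheme) && strings.EqualFold(base.Host, u.Host) {
			return OpenInApp, nil
		}
	}
	return OpenExternal, nil
}

func main() {
	servers := []string{"https://chat.corp.example"}
	for _, link := range []string{ // constructed sample links
		"https://chat.corp.example/eng/channels/ops",
		"https://example.com/docs",
		"javascript:alert(1)",
		"file:///etc/passwd",
		"http://[::1",
		"https://",
	} {
		a, err := ClassifyURL(link, servers)
		fmt.Printf("%-42s -> %d %v\n", link, a, err)
	}
}
```

Matching on scheme and host (including the port) rather than on a string prefix matters: `https://chat.corp.example.evil.example/` shares a prefix with the configured server but is a different origin, and a prefix check would open it inside the app.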