Vulnerability-Lookup

CNVD-2024-14306

Vulnerability from cnvd - Published: 2024-03-21

Title

Mattermost跨站脚本漏洞（CNVD-2024-14306）

Description

Mattermost是美国Mattermost公司的一个开源协作平台。Matter是一个统一的开源应用层连接标准，旨在使开发人员和设备制造商能够连接并构建可靠、安全的生态系统，并提高联网家庭设备之间的兼容性。 Mattermost存在跨站脚本漏洞，该漏洞源于无法转义用户控制的输出页面，攻击者可利用该漏洞执行反射型跨站脚本攻击。

Severity

中

Patch Name

Mattermost跨站脚本漏洞（CNVD-2024-14306）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://mattermost.com/security-updates/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2024-2445

Impacted products

Name
['Mattermost Mattermost >=8.1.x，<8.1.10', 'Mattermost Mattermost >=9.2.x，<9.2.6', 'Mattermost Mattermost >=9.3.x，<9.3.2', 'Mattermost Mattermost >=9.4.x，<9.4.3']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-2445",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-2445"
    }
  },
  "description": "Mattermost\u662f\u7f8e\u56fdMattermost\u516c\u53f8\u7684\u4e00\u4e2a\u5f00\u6e90\u534f\u4f5c\u5e73\u53f0\u3002Matter\u662f\u4e00\u4e2a\u7edf\u4e00\u7684\u5f00\u6e90\u5e94\u7528\u5c42\u8fde\u63a5\u6807\u51c6\uff0c\u65e8\u5728\u4f7f\u5f00\u53d1\u4eba\u5458\u548c\u8bbe\u5907\u5236\u9020\u5546\u80fd\u591f\u8fde\u63a5\u5e76\u6784\u5efa\u53ef\u9760\u3001\u5b89\u5168\u7684\u751f\u6001\u7cfb\u7edf\uff0c\u5e76\u63d0\u9ad8\u8054\u7f51\u5bb6\u5ead\u8bbe\u5907\u4e4b\u95f4\u7684\u517c\u5bb9\u6027\u3002\n\nMattermost\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u65e0\u6cd5\u8f6c\u4e49\u7528\u6237\u63a7\u5236\u7684\u8f93\u51fa\u9875\u9762\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u53cd\u5c04\u578b\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://mattermost.com/security-updates/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-14306",
  "openTime": "2024-03-21",
  "patchDescription": "Mattermost\u662f\u7f8e\u56fdMattermost\u516c\u53f8\u7684\u4e00\u4e2a\u5f00\u6e90\u534f\u4f5c\u5e73\u53f0\u3002Matter\u662f\u4e00\u4e2a\u7edf\u4e00\u7684\u5f00\u6e90\u5e94\u7528\u5c42\u8fde\u63a5\u6807\u51c6\uff0c\u65e8\u5728\u4f7f\u5f00\u53d1\u4eba\u5458\u548c\u8bbe\u5907\u5236\u9020\u5546\u80fd\u591f\u8fde\u63a5\u5e76\u6784\u5efa\u53ef\u9760\u3001\u5b89\u5168\u7684\u751f\u6001\u7cfb\u7edf\uff0c\u5e76\u63d0\u9ad8\u8054\u7f51\u5bb6\u5ead\u8bbe\u5907\u4e4b\u95f4\u7684\u517c\u5bb9\u6027\u3002\r\n\r\nMattermost\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u65e0\u6cd5\u8f6c\u4e49\u7528\u6237\u63a7\u5236\u7684\u8f93\u51fa\u9875\u9762\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u53cd\u5c04\u578b\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mattermost\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-14306\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mattermost Mattermost \u003e=8.1.x\uff0c\u003c8.1.10",
      "Mattermost Mattermost \u003e=9.2.x\uff0c\u003c9.2.6",
      "Mattermost Mattermost \u003e=9.3.x\uff0c\u003c9.3.2",
      "Mattermost Mattermost \u003e=9.4.x\uff0c\u003c9.4.3"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-2445",
  "serverity": "\u4e2d",
  "submitTime": "2024-03-19",
  "title": "Mattermost\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2024-14306\uff09"
}

CVE-2024-2445 (GCVE-0-2024-2445)

Vulnerability from cvelistv5 – Published: 2024-03-15 09:19 – Updated: 2024-08-01 19:11

Title

Reflected XSS in Mattermost Jira plugin

Summary

Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an attacker to perform reflected cross-site scripting attacks against the users of the Mattermost server.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Assigner

Mattermost

References

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Affected: 9.4.0 , ≤ 9.4.2 (semver) Affected: 9.3.0 , ≤ 9.3.1 (semver) Affected: 9.2.0 , ≤ 9.2.5 (semver) Affected: 8.1.0 , ≤ 8.1.9 (semver) Unaffected: 9.5.0 Unaffected: 9.4.3 Unaffected: 9.3.2 Unaffected: 9.2.6 Unaffected: 8.1.10

Credits

Juho Nurminen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T18:53:41.753419Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:30:11.664Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://mattermost.com/security-updates"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "9.4.2",
              "status": "affected",
              "version": "9.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.3.1",
              "status": "affected",
              "version": "9.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.2.5",
              "status": "affected",
              "version": "9.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.1.9",
              "status": "affected",
              "version": "8.1.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "9.5.0"
            },
            {
              "status": "unaffected",
              "version": "9.4.3"
            },
            {
              "status": "unaffected",
              "version": "9.3.2"
            },
            {
              "status": "unaffected",
              "version": "9.2.6"
            },
            {
              "status": "unaffected",
              "version": "8.1.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Juho Nurminen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an attacker to perform reflected cross-site scripting attacks against the users of the Mattermost server.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an attacker to perform reflected cross-site scripting attacks against the users of the Mattermost server.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-15T09:19:50.127Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update Mattermost to versions 8.1.0, 9.3.2, 9.4.3, 9.5.0 or higher."
            }
          ],
          "value": "Update Mattermost to versions 8.1.0, 9.3.2, 9.4.3, 9.5.0 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2023-00260",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-54921"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Reflected XSS in Mattermost Jira plugin",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2024-2445",
    "datePublished": "2024-03-15T09:19:50.127Z",
    "dateReserved": "2024-03-14T11:40:19.218Z",
    "dateUpdated": "2024-08-01T19:11:53.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2024-14306

CVE-2024-2445 (GCVE-0-2024-2445)

Tags

Sightings

Nomenclature