CVE-2025-30179 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Mattermost versions 10.4.x
Medium CVSS: 4.3

CVE-2025-30179

Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to enforce MFA on certain search APIs, which allows authenticated attackers to bypass MFA protections via user search, channel search, or team search queries.
Vendor
Mattermost
Product
Mattermost Server
CWE
CWE-863
Yayın Tarihi
2025-03-21 09:15:13
Güncelleme
2025-03-27 14:45:47
Source Identifier
responsibledisclosure@mattermost.com
KEV Date Added
-

Kategoriler

CWE-863 Mattermost Server MEDIUM Mattermost 2025

Referanslar

https://mattermost.com/security-updates