all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x...

Add to bookmarks
July 3, 2024, 8:37 a.m. |

CVE | THREATINT - NEW cve.threatint.com

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the RemoteClusterFrame payloads before audit logging them which allows a high privileged attacker with access to the audit logs to read...

access attacker audit audit logs fail high logging logs mattermost payloads privileged

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Evmos vulnerable to exploit of smart contract account and vestingEvmos is a d... 39 minutes ago | cve.threatint.com
account can contract cosmos +12
Malicious Matrix homeserver can leak truncated message content of messages it... 47 minutes ago | cve.threatint.com
bridge can cve cve-2024 +13
Certifi removes GLOBALTRUST root certificateCertifi is a curated collection o... 49 minutes ago | cve.threatint.com
certificates collection globaltrust hosts +7
Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Re... 59 minutes ago | cve.threatint.com
blind can client client-side +10
Fedify vulnerable to allowing access to internal network resourcesFedify is a... an hour ago | cve.threatint.com
access apps building federated +9
Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests... an hour ago | cve.threatint.com
balancer bypassing data http +10
Mastodon has improper authorship check on audience extension for existing pos... 2 hours ago | cve.threatint.com
attacker can check extension +5
unauthorized file accessUnauthorized file access in WEB Server in ABB ASPECT ... 2 hours ago | cve.threatint.com
abb access aspect attacker +10
Remote code executionImproper Input Validation vulnerability in ABB ASPECT-En... 2 hours ago | cve.threatint.com
abb aspect code enterprise +11

Jobs in InfoSec / Cybersecurity

Find Talent

Microsoft Active Directory Engineer - TS/SCI with Polygraph

@ General Dynamics Information Technology | USA VA Chantilly - 14700 Lee Rd (VAS100)
View on infosec-jobs.com

GSOC Analyst & Team Lead

@ Western Digital | Colorado Springs, CO, United States
View on infosec-jobs.com

FAIT Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

FAIT Senior Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

Engineer - Sailpoint IdentityNow I Remote, Bangalore

@ Optiv | Bengaluru
View on infosec-jobs.com

Security Sales Specialist

@ NTT DATA | Madrid, Spain
View on infosec-jobs.com