all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Timing attack during remote cluster token comparison when shared channels are...

Add to bookmarks
July 3, 2024, 8:32 a.m. |

CVE | THREATINT - NEW cve.threatint.com

Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows ...

attack cluster fail mattermost shared timing attack token tokens

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Evmos vulnerable to exploit of smart contract account and vestingEvmos is a d... an hour ago | cve.threatint.com
account can contract cosmos +12
Malicious Matrix homeserver can leak truncated message content of messages it... an hour ago | cve.threatint.com
bridge can cve cve-2024 +13
Certifi removes GLOBALTRUST root certificateCertifi is a curated collection o... an hour ago | cve.threatint.com
certificates collection globaltrust hosts +7
Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Re... an hour ago | cve.threatint.com
blind can client client-side +10
Fedify vulnerable to allowing access to internal network resourcesFedify is a... 2 hours ago | cve.threatint.com
access apps building federated +9
Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests... 2 hours ago | cve.threatint.com
balancer bypassing data http +10
Mastodon has improper authorship check on audience extension for existing pos... 2 hours ago | cve.threatint.com
attacker can check extension +5
unauthorized file accessUnauthorized file access in WEB Server in ABB ASPECT ... 2 hours ago | cve.threatint.com
abb access aspect attacker +10
Remote code executionImproper Input Validation vulnerability in ABB ASPECT-En... 2 hours ago | cve.threatint.com
abb aspect code enterprise +11

Jobs in InfoSec / Cybersecurity

Find Talent

Microsoft Active Directory Engineer - TS/SCI with Polygraph

@ General Dynamics Information Technology | USA VA Chantilly - 14700 Lee Rd (VAS100)
View on infosec-jobs.com

GSOC Analyst & Team Lead

@ Western Digital | Colorado Springs, CO, United States
View on infosec-jobs.com

FAIT Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

FAIT Senior Manager - IT Risk Assessment - Dublin

@ EY | Dublin 2, IE
View on infosec-jobs.com

Engineer - Sailpoint IdentityNow I Remote, Bangalore

@ Optiv | Bengaluru
View on infosec-jobs.com

Security Sales Specialist

@ NTT DATA | Madrid, Spain
View on infosec-jobs.com