CVE-2024-32046

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 26, 2024

CWE ID 200

Summary

CVE-2024-32046 is a vulnerability affecting Mattermost versions 9.6.x up to 9.6.0, 9.5.x up to 9.5.2, 9.4.x up to 9.4.4, and 8.1.x up to 8.1.11. Despite developer mode being turned off, these applications fail to eliminate detailed error messages in API requests. An attacker can exploit this issue by accessing these messages and gaining insight into the server's file structure, potentially leading to further exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vnsd-b
https://www.cve.org/CVERecord?id=CVE-2024-32046
https://nvd.nist.gov/vuln/detail/CVE-2024-32046

Back to Vulnerability Database

CVE-2024-32046

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations