CVE-2024-36287

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jun 14, 2024

Updated: Aug 7, 2024

CWE ID 693

Summary

CVE-2024-36287: A vulnerability affects Mattermost Desktop App versions prior to 5.7.1. The issue stems from the failure to disable specific Electron debug flags, enabling bypass of macOS's Touch Input Protection (TCC) restrictions. This vulnerability can potentially expose sensitive user data or allow unauthorized access. Users are encouraged to update to the latest version of the Mattermost Desktop App to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mattermost, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wd0YfB
https://www.cve.org/CVERecord?id=CVE-2024-36287
https://nvd.nist.gov/vuln/detail/CVE-2024-36287

Back to Vulnerability Database

CVE-2024-36287

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations