CVE-2024-4183

Summary

CVE-2024-4183 is a vulnerability affecting Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, and 9.4.x before 9.4.5. This issue allows authenticated attackers to cause a server crash by flooding the sessions table and making repeated requests to the getSessions API. The vulnerability stems from a failure to limit the number of active sessions, enabling attackers to overload the system and cause it to malfunction. This can potentially lead to downtime and disrupt normal operations. It is recommended that affected versions be updated to their respective patched versions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.