CVE-2025-55074 - CERT CVE

  1. CVE-2025-55074

ID CVE-2025-55074
Sažetak Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to enforce access permissions on the Agents plugin which allows other users to determine when users had read channels via channel member objects
Reference
CVSS
Base: 3.0
Impact: 1.4
Exploitability:1.3
Pristup
VektorSloženostAutentikacija
NETWORK HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
LOW NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
Zadnje važnije ažuriranje 18-11-2025 - 16:15
Objavljeno 18-11-2025 - 16:15