Unrated severityNVD Advisory· Published Sep 26, 2024· Updated Sep 26, 2024
Weak SSRF Filtering
CVE-2024-45843
Description
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
39.5.x <= 9.5.8+ 1 more
- (no CPE)range: 9.5.x <= 9.5.8
- (no CPE)range: 9.5.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.