CVE-2025-24490 - Vulnerability Details - OpenCVE

Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Mattermost	Mattermost

No data.

No data.

References

Link	Providers
https://mattermost.com/security-updates

History

Mon, 24 Feb 2025 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 24 Feb 2025 07:45:00 +0000

Type	Values Removed	Values Added
Description		Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.
Title		SQL Injection in Mattermost Boards via board category ID reordering
Weaknesses		CWE-89
References		https://mattermost.com/security-updates
Metrics		cvssV3_1 `{'score': 9.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2025-02-24T07:26:30.679Z

Updated: 2025-02-24T11:21:41.385Z

Reserved: 2025-02-18T11:11:14.660Z

Link: CVE-2025-24490

Vulnrichment

Updated: 2025-02-24T11:21:35.907Z

NVD

Status : Received

Published: 2025-02-24T08:15:10.260

Modified: 2025-02-24T08:15:10.260

Link: CVE-2025-24490

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-24490", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2025-02-18T11:11:14.660Z", "datePublished": "2025-02-24T07:26:30.679Z", "dateUpdated": "2025-02-24T11:21:41.385Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "10.4.1", "status": "affected", "version": "10.4.0", "versionType": "semver"}, {"lessThanOrEqual": "9.11.7", "status": "affected", "version": "9.11.0", "versionType": "semver"}, {"lessThanOrEqual": "10.3.2", "status": "affected", "version": "10.3.0", "versionType": "semver"}, {"lessThanOrEqual": "10.2.2", "status": "affected", "version": "10.2.0", "versionType": "semver"}, {"status": "unaffected", "version": "10.4.2"}, {"status": "unaffected", "version": "9.11.8"}, {"status": "unaffected", "version": "10.3.3"}, {"status": "unaffected", "version": "10.2.3"}]}], "credits": [{"lang": "en", "type": "finder", "value": "visat"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.</p>"}], "value": "Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows\u00a0an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-02-24T07:26:30.679Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost to versions 10.4.2, 9.11.8, 10.3.3, 10.2.3 or higher. Alternatively, update the Mattermost Boards plugin to v9.0.5 or higher. </p>"}], "value": "Update Mattermost to versions 10.4.2, 9.11.8, 10.3.3, 10.2.3 or higher. Alternatively, update the Mattermost Boards plugin to v9.0.5 or higher."}], "source": {"advisory": "MMSA-2025-00428", "defect": ["https://mattermost.atlassian.net/browse/MM-62641"], "discovery": "EXTERNAL"}, "title": "SQL Injection in Mattermost Boards via board category ID reordering", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-24T11:21:22.576092Z", "id": "CVE-2025-24490", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-24T11:21:41.385Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-24490", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-24T11:21:22.576092Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-24T11:21:35.907Z"}}], "cna": {"title": "SQL Injection in Mattermost Boards via board category ID reordering", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-62641"], "advisory": "MMSA-2025-00428", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "visat"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "10.4.0", "versionType": "semver", "lessThanOrEqual": "10.4.1"}, {"status": "affected", "version": "9.11.0", "versionType": "semver", "lessThanOrEqual": "9.11.7"}, {"status": "affected", "version": "10.3.0", "versionType": "semver", "lessThanOrEqual": "10.3.2"}, {"status": "affected", "version": "10.2.0", "versionType": "semver", "lessThanOrEqual": "10.2.2"}, {"status": "unaffected", "version": "10.4.2"}, {"status": "unaffected", "version": "9.11.8"}, {"status": "unaffected", "version": "10.3.3"}, {"status": "unaffected", "version": "10.2.3"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost to versions 10.4.2, 9.11.8, 10.3.3, 10.2.3 or higher. Alternatively, update the Mattermost Boards plugin to v9.0.5 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost to versions 10.4.2, 9.11.8, 10.3.3, 10.2.3 or higher. Alternatively, update the Mattermost Boards plugin to v9.0.5 or higher. </p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows\u00a0an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-02-24T07:26:30.679Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24490", "state": "PUBLISHED", "dateUpdated": "2025-02-24T11:21:41.385Z", "dateReserved": "2025-02-18T11:11:14.660Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2025-02-24T07:26:30.679Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}