检测

Mattermost Server 10.5.x <= 10.5.12 / 10.11.x <= 10.11.4 访问控制不当 (MMSA-2025-00517)

medium Nessus 插件 ID 278111

语言:

版本 1.4

Mar 2, 2026, 12:44 PM

  • CVSS metrics ("CVSSv2 score" set to 4.0)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N")
  • CVSS metrics ("CVSSv3 score" set to 4.3)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • CVSSv2 severity (based on CVE-2025-13870, severity decreased from "High" to "Medium")
  • CVSSv3 severity (based on None, severity increased from "Low" to "Medium")
  • Exploit attributes ("Exploit available" set to "False")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")

Plugin Feed: 202603021244

版本 1.3

Feb 25, 2026, 1:08 AM

  • IAVM reference

Plugin Feed: 202602250108

版本 1.2

Dec 12, 2025, 5:16 PM

  • New

Plugin Feed: 202512121716

版本 1.1

Dec 11, 2025, 12:59 PM

  • New

Plugin Feed: 202512111259

* Changelogs are generally available for changes made after Nov 1, 2022