CVE-2024-21848

LOW Year: 2024
CVSS v3 Score
3.1
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel

Related Vulnerabilities

CVE-2015-7490

LOW
CVSS:3.1(Low)

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a ...

CWE-2842015

CVE-2016-2874

LOW
CVSS:3.1(Low)

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

CWE-2842016

CVE-2016-3274

LOW
CVSS:3.1(Low)

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

CWE-2842016

CVE-2016-3276

LOW
CVSS:3.1(Low)

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

CWE-2842016

CVE-2016-5506

LOW
CVSS:3.1(Low)

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.

CWE-2842016

CVE-2016-8288

LOW
CVSS:3.1(Low)

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.

CWE-2842016