{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13324", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2025-11-17T17:07:12.922Z", "datePublished": "2025-12-17T18:14:13.347Z", "dateUpdated": "2025-12-24T10:16:53.096Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "10.11.5", "status": "affected", "version": "10.11.0", "versionType": "semver"}, {"lessThanOrEqual": "11.0.4", "status": "affected", "version": "11.0.0", "versionType": "semver"}, {"lessThanOrEqual": "10.12.2", "status": "affected", "version": "10.12.0", "versionType": "semver"}, {"status": "unaffected", "version": "11.1.0"}, {"status": "unaffected", "version": "10.11.6"}, {"status": "unaffected", "version": "11.0.5"}, {"status": "unaffected", "version": "10.12.3"}]}], "credits": [{"lang": "en", "type": "finder", "value": "daw10"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost versions 10.11.x &lt;= 10.11.5, 11.0.x &lt;= 11.0.4, 10.12.x &lt;= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol or when the confirming party does not provide a refreshed token, which allows an attacker who has obtained an invite token to authenticate as the remote cluster and perform limited actions on shared channels even after the invitation has been legitimately confirmed. </p>"}], "value": "Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol or when the confirming party does not provide a refreshed token, which allows an attacker who has obtained an invite token to authenticate as the remote cluster and perform limited actions on shared channels even after the invitation has been legitimately confirmed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-12-24T10:16:53.096Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost to versions 11.1.0, 10.11.6, 11.0.5, 10.12.3 or higher.</p>"}], "value": "Update Mattermost to versions 11.1.0, 10.11.6, 11.0.5, 10.12.3 or higher."}], "source": {"advisory": "MMSA-2025-00524", "defect": ["https://mattermost.atlassian.net/browse/MM-65152"], "discovery": "EXTERNAL"}, "title": "Lack of Invalidation of Legacy Remote Cluster Invite Tokens After Confirmation", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-17T18:52:25.155977Z", "id": "CVE-2025-13324", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T19:29:39.872Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13324", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-17T18:52:25.155977Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T18:52:27.669Z"}}], "cna": {"title": "Lack of Invalidation of Legacy Remote Cluster Invite Tokens After Confirmation", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-65152"], "advisory": "MMSA-2025-00524", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "daw10"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "10.11.0", "versionType": "semver", "lessThanOrEqual": "10.11.5"}, {"status": "affected", "version": "11.0.0", "versionType": "semver", "lessThanOrEqual": "11.0.4"}, {"status": "affected", "version": "10.12.0", "versionType": "semver", "lessThanOrEqual": "10.12.2"}, {"status": "unaffected", "version": "11.1.0"}, {"status": "unaffected", "version": "10.11.6"}, {"status": "unaffected", "version": "11.0.5"}, {"status": "unaffected", "version": "10.12.3"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost to versions 11.1.0, 10.11.6, 11.0.5, 10.12.3 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost to versions 11.1.0, 10.11.6, 11.0.5, 10.12.3 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol or when the confirming party does not provide a refreshed token, which allows an attacker who has obtained an invite token to authenticate as the remote cluster and perform limited actions on shared channels even after the invitation has been legitimately confirmed.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost versions 10.11.x &lt;= 10.11.5, 11.0.x &lt;= 11.0.4, 10.12.x &lt;= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol or when the confirming party does not provide a refreshed token, which allows an attacker who has obtained an invite token to authenticate as the remote cluster and perform limited actions on shared channels even after the invitation has been legitimately confirmed. </p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-12-24T10:16:53.096Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13324", "state": "PUBLISHED", "dateUpdated": "2025-12-24T10:16:53.096Z", "dateReserved": "2025-11-17T17:07:12.922Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2025-12-17T18:14:13.347Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "01DCCC9D-79BE-4B4D-9ECC-1299F88541D8", "versionEndExcluding": "10.11.6", "versionStartIncluding": "10.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD0ED714-56F9-4C84-B84D-3BF658940568", "versionEndExcluding": "10.12.3", "versionStartIncluding": "10.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6130B691-5017-418D-A28A-84A83AA2496C", "versionEndExcluding": "11.0.5", "versionStartIncluding": "11.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol or when the confirming party does not provide a refreshed token, which allows an attacker who has obtained an invite token to authenticate as the remote cluster and perform limited actions on shared channels even after the invitation has been legitimately confirmed."}], "id": "CVE-2025-13324", "lastModified": "2025-12-29T18:46:13.530", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}, "published": "2025-12-17T19:16:01.093", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}

{}

{"created": "2025-12-18T09:57:05.730387+00:00", "updated": "2025-12-18T09:57:05.730415+00:00", "vendors": ["mattermost", "mattermost$PRODUCT$mattermost"]}