How severe is CVE-2025-2571?

CVE-2025-2571 has a CVSS v3 score of 4.2 (MEDIUM).

CVE-2025-2571

Name: mattermost_server
Author: mattermost

4.2MEDIUM

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to

公開日: 5/30/2025更新日: 10/15/2025

説明

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.

AI分析AIによる分析

影響を受ける製品

mattermostmattermost_server

参照

https://mattermost.com/security-updates
Vendor Advisory