3.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-36287

GHSA ID

GHSA-xgqm-wp7w-mgg2

EPSS Score

0.12457%

CWE

CWE-693

Published

6/14/2024

Updated

6/17/2024

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-36287

CVE-2024-36287: Mattermost Desktop App allows for bypassing TCC restrictions on macOS

Mattermost Desktop App versions <=5.7.0 fail to disable certain Electron debug flags which allows for bypassing TCC restrictions on macOS.

(GitHub Advisory)

3.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-36287

GHSA ID

GHSA-xgqm-wp7w-mgg2

EPSS Score

0.12457%

CWE

CWE-693

Published

6/14/2024

Updated

6/17/2024

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mattermost-desktop	npm	< 5.8.0	5.8.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

M*tt*rmost **sktop *pp v*rsions <=*.*.* **il to *is**l* **rt*in *l**tron ***u* *l**s w*i** *llows *or *yp*ssin* T** r*stri*tions on m**OS.

Reasoning

No *n*lysis *v*il**l*

3.8

Basic Information

Concerned about an active attack path?

CVE-2024-36287: Mattermost Desktop App allows for bypassing TCC restrictions on macOS

3.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI