4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-47401

GHSA ID

GHSA-762v-rq7q-ff97

EPSS Score

0.30992%

CWE

CWE-770

Published

10/29/2024

Updated

11/4/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-47401

CVE-2024-47401: Mattermost Server vulnerable to application crash from attacker-generated large response

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1 and 9.5.x <= 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks.

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-47401

GHSA ID

GHSA-762v-rq7q-ff97

EPSS Score

0.30992%

CWE

CWE-770

Published

10/29/2024

Updated

11/4/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/mattermost/mattermost/server/v8	go	< 8.0.0-20240926115259-20ed58906adc	8.0.0-20240926115259-20ed58906adc

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from unconstrained GraphQL response generation in Playbooks. Key indicators include:

CWE-770 (resource allocation without limits) suggests missing response size throttling
The attack vector involves crafted Playbooks requests triggering large responses
The Go module path indicates server/v8/channels/app/playbooks as the likely location
GraphQL resolvers and error handlers are common amplification points While specific function names aren't provided in the advisory, the pattern matches:

GraphQL resolver methods processing Playbooks data
Error handlers generating verbose responses Confidence is medium due to lack of direct code references, but the technical description strongly suggests these components.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

M*tt*rmost v*rsions *.**.x <= *.**.*, *.**.x <= *.**.* *n* *.*.x <= *.*.* **il to pr*v*nt **t*il** *rror m*ss***s *rom **in* *ispl*y** in Pl*y*ooks w*i** *llows *n *tt**k*r to **n*r*t* * l*r** r*spons* *n* **us* *n *mpli*i** *r*p*QL r*spons* w*i** in

Reasoning

T** vuln*r**ility st*ms *rom un*onstr*in** *r*p*QL r*spons* **n*r*tion in Pl*y*ooks. K*y in*i**tors in*lu**: *. *W*-*** (r*sour** *llo**tion wit*out limits) su***sts missin* r*spons* siz* t*rottlin* *. T** *tt**k v**tor involv*s *r**t** Pl*y*ooks r*q

4.3

Basic Information

Concerned about an active attack path?

CVE-2024-47401: Mattermost Server vulnerable to application crash from attacker-generated large response

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI