CVE-2025-6227

{"id": "CVE-2025-6227", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "responsibledisclosure@mattermost.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.2, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 0.7}]}, "published": "2025-07-18T12:15:23.843", "references": [{"url": "https://mattermost.com/security-updates", "source": "responsibledisclosure@mattermost.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "responsibledisclosure@mattermost.com", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "Mattermost versions 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to negotiate a new token when accepting the invite which allows a user that intercepts both invite and password to send synchronization payloads to the server that originally created the invite via the REST API."}, {"lang": "es", "value": "Las versiones de Mattermost 10.5.x &lt;= 10.5.7, 9.11.x &lt;= 9.11.16 no pueden negociar un nuevo token al aceptar la invitaci\u00f3n, lo que permite que un usuario que intercepta tanto la invitaci\u00f3n como la contrase\u00f1a env\u00ede payloads de sincronizaci\u00f3n al servidor que cre\u00f3 originalmente la invitaci\u00f3n a trav\u00e9s de la API REST."}], "lastModified": "2025-07-22T13:06:27.983", "sourceIdentifier": "responsibledisclosure@mattermost.com"}