CVE-2025-46702

Source
https://cve.org/CVERecord?id=CVE-2025-46702
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46702.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-46702
Aliases
Downstream
Related
Published
2025-06-30T17:15:32.600Z
Modified
2026-04-10T05:28:31.113746Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enforce channel member management permissions when adding participants to playbook runs. This allows authenticated users with member-level permissions to bypass system admin restrictions and add or remove users to/from private channels via the playbook run participants feature, even when the 'Manage Members' permission has been explicitly removed. This can lead to unauthorized access to sensitive channel content and allow guest users to gain channel management privileges.

References

Affected packages

Git / github.com/mattermost/mattermost-server

Affected ranges

Type
GIT
Repo
https://github.com/mattermost/mattermost-server
Events
Introduced
Fixed
Introduced
Fixed
Introduced
Fixed
Introduced
Fixed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "9.11.0"
        },
        {
            "fixed": "9.11.16"
        },
        {
            "introduced": "10.5.0"
        },
        {
            "fixed": "10.5.6"
        },
        {
            "introduced": "10.6.0"
        },
        {
            "fixed": "10.6.6"
        },
        {
            "introduced": "10.7.0"
        },
        {
            "fixed": "10.7.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.8.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.8.0-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.8.0-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.8.0-rc3"
        }
    ]
}

Affected versions

@mattermost/client@10.*
@mattermost/client@10.5.0
@mattermost/client@10.6.0
@mattermost/client@10.7.0
@mattermost/client@9.*
@mattermost/client@9.11.0
@mattermost/types@10.*
@mattermost/types@10.5.0
@mattermost/types@10.6.0
@mattermost/types@10.7.0
@mattermost/types@9.*
@mattermost/types@9.11.0
Other
cloud-2022-07-20-1
cloud-2022-08-10-1
cloud-2022-09-08-1
cloud-2022-10-06-1
cloud-2022-11-11-1
cloud-2022-11-24-1
mattermost-redux@10.*
mattermost-redux@10.6.0
mattermost-redux@10.7.0
server/public/v0.*
server/public/v0.0.10
server/public/v0.0.11
server/public/v0.0.12
server/public/v0.0.13
server/public/v0.0.14
server/public/v0.0.15
server/public/v0.0.16
server/public/v0.0.17
server/public/v0.0.18
server/public/v0.0.5
server/public/v0.0.6
server/public/v0.0.7
server/public/v0.0.8
server/public/v0.0.9
server/public/v0.1.0
server/public/v0.1.1
server/public/v0.1.10
server/public/v0.1.11
server/public/v0.1.2
server/public/v0.1.3
server/public/v0.1.4
server/public/v0.1.5
server/public/v0.1.6
server/public/v0.1.7
server/public/v0.1.8
server/public/v0.1.9
v0.*
v0.5.0
v10.*
v10.5.0
v10.5.0-rc6
v10.5.1
v10.5.1-rc1
v10.5.1-rc2
v10.5.2
v10.5.3
v10.5.3-rc1
v10.5.4
v10.5.4-rc1
v10.5.4-rc2
v10.5.5
v10.5.5-rc1
v10.6.0
v10.6.0-rc3
v10.6.1
v10.6.2
v10.6.2-rc1
v10.6.3
v10.6.3-rc1
v10.6.4
v10.6.4-rc1
v10.6.5
v10.7.0
v10.7.0-rc2
v10.7.1
v10.7.2
v10.7.2-rc1
v10.8.0
v10.8.0-rc1
v10.8.0-rc2
v10.8.0-rc3
v4.*
v4.10.0-rc1
v4.2.0-rc1
v4.3.0-rc1
v4.4.0-rc1
v4.5.0-rc1
v4.6.0-rc1
v4.6.0-rc2
v4.7.0-rc1
v4.8.0-rc1
v4.9.0-rc1
v5.*
v5.0.0-rc1
v5.1.0-rc1
v5.2.0-rc1
v5.2.0-rc2
v9.*
v9.11.0
v9.11.0-rc3
v9.11.1
v9.11.1-rc1
v9.11.10
v9.11.10-rc1
v9.11.11
v9.11.11-rc1
v9.11.12
v9.11.12-rc1
v9.11.13
v9.11.13-rc1
v9.11.14
v9.11.15
v9.11.2
v9.11.2-rc1
v9.11.2-rc2
v9.11.3
v9.11.3-rc1
v9.11.3-rc2
v9.11.4
v9.11.4-rc1
v9.11.5
v9.11.5-rc1
v9.11.6
v9.11.6-rc1
v9.11.6-rc2
v9.11.7
v9.11.7-rc1
v9.11.7-rc2
v9.11.7-rc3
v9.11.8
v9.11.9
v9.11.9-rc1
v9.11.9-rc2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46702.json"