CVE-2025-55035

CWE-7543 documents3 sources
Severity
6.1MEDIUM
EPSS
0.0%
top 86.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mattermost Mattermost DesktopMattermost Mattermost
Timeline
PublishedOct 16

Description

Mattermost Desktop App versions <=5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having the user configure the malicious server and forcing a modal popup that cannot be closed.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:HExploitability: 1.6 | Impact: 4.0

Affected Packages2 packages

CVEListV5mattermost/mattermost5.0.13

🔴Vulnerability Details

2
CVEList
Mattermost Desktop DoS when user has basic authentication server configured2025-10-16
GHSA
GHSA-3359-25fv-h37v: Mattermost Desktop App versions <=52025-10-16
CVE-2025-55035 (MEDIUM CVSS 6.1) | Mattermost Desktop App versions <=5 | cvebase.io