Base Score

MEDIUM6.5

CVE-2025-9081

Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration

VectorNETWORK

Published Byresponsibledisclosure@mattermost.com

Published DateSep 19, 2025, 20:15

Affected Versions(4)

github.com/mattermost/mattermost-plugin-boards(Go)

Introduced0

Fixed0.0.0-20250716054606-3f3e3becfe1d

LimitN/A

github.com/mattermost/mattermost/server/v8(Go)

Introduced0

Fixed8.0.0-20250721095935-11c36f4d1e44

LimitN/A

github.com/mattermost/mattermost-server(Go)

Introduced10.5.0-rc1

Fixed10.5.9

LimitN/A

github.com/mattermost/mattermost-server(Go)

Introduced9.11.0-rc1

Fixed9.11.18

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
github.com/mattermost/mattermost-plugin-boards(Go)	0	0.0.0-20250716054606-3f3e3becfe1d	N/A
github.com/mattermost/mattermost/server/v8(Go)	0	8.0.0-20250721095935-11c36f4d1e44	N/A
github.com/mattermost/mattermost-server(Go)	10.5.0-rc1	10.5.9	N/A
github.com/mattermost/mattermost-server(Go)	9.11.0-rc1	9.11.18	N/A

Weakness Type (CWE):CWE-639

CVSS Metrics

Base Score

6.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

NONE

Availability (A)

NONE

References

https://mattermost.com/security-updates

Base Score

MEDIUM6.5

Weakness Type (CWE):CWE-639

CVSS Metrics

Base Score

6.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

NONE

Availability (A)

NONE