Platform
go
Component
github.com/mattermost/mattermost-server
Fixed in
10.5.9
10.5.10
10.5.10+incompatible
CVE-2025-47700 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in the Agents Plugin of Mattermost Server. It could allow an attacker to make the server issue requests to internal resources that the server can reach, potentially exposing sensitive data or services. The vulnerability affects Mattermost Server versions prior to 10.5.10+incompatible; a patch has been released to address the issue.
The SSRF vulnerability in Mattermost Server's Agents Plugin allows an attacker to craft malicious requests that the server will execute on their behalf. This could lead to the attacker accessing internal services or data that are not directly exposed to the internet. For example, an attacker could potentially scan internal networks, access cloud metadata services, or interact with internal APIs. The impact is considered LOW due to the need for specific plugin configuration and potential limitations in the attacker's ability to control the target of the SSRF requests. While not immediately catastrophic, successful exploitation could provide a foothold for further attacks or data exfiltration.
CVE-2025-47700 was publicly disclosed on 2025-08-29. There is no indication of active exploitation at this time. The CVSS score is 3.5 (LOW), indicating low severity. No public proof-of-concept (PoC) code has been released. This vulnerability is not currently listed in the CISA KEV catalog.
Organizations utilizing Mattermost Server with the Agents Plugin enabled are at risk. This includes teams relying on the Agents Plugin for integrations with external services or internal systems. Environments with less stringent network segmentation policies are particularly vulnerable.
• go / server:
  ps aux | grep "mattermost" | grep "Agents Plugin"
• generic web:
  curl -I https://<mattermost_server>/plugins/agents/ # Check for unexpected responses or headers
Exploit status
EPSS
0.03% (10th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-47700 is to upgrade Mattermost Server to version 10.5.10+incompatible or later. If upgrading immediately is not feasible, consider temporarily disabling the Agents Plugin to reduce the attack surface. Review the Agents Plugin configuration to ensure it is not configured to allow access to sensitive internal resources. Implement network segmentation to limit the potential impact of a successful SSRF attack. Monitor Mattermost Server logs for unusual outbound requests that could indicate exploitation attempts.
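The mitigation advice above comes down to limiting what the server will fetch on a user's behalf. As an added example (not Mattermost's code and not the plugin's actual fix), this is the kind of outbound-destination check a Go plugin that fetches user-supplied URLs could apply: only http/https, and every address the host resolves to is vetted against loopback, private, link-local (cloud metadata) and the equivalent IPv6 ranges. The block list, function names and the injected resolver hook are this example's own assumptions.

```go
package main

import (
	"fmt"
	"net/netip"
	"net/url"
)

// Constructed block list (not Mattermost's own): loopback, RFC 1918, link-local
// (cloud metadata sits at 169.254.169.254), CGNAT, IPv6 loopback/ULA/link-local.
var blockedNets = []netip.Prefix{
	netip.MustParsePrefix("127.0.0.0/8"), netip.MustParsePrefix("10.0.0.0/8"), netip.MustParsePrefix("172.16.0.0/12"),
	netip.MustParsePrefix("192.168.0.0/16"), netip.MustParsePrefix("169.254.0.0/16"), netip.MustParsePrefix("100.64.0.0/10"),
	netip.MustParsePrefix("::1/128"), netip.MustParsePrefix("fc00::/7"), netip.MustParsePrefix("fe80::/10"),
}

// BlockedIP: invalid, unspecified, or inside a blocked range (Unmap/WithZone normalise ::ffff:x and fe80::1%eth0 forms first).
func BlockedIP(ip netip.Addr) bool {
	if ip = ip.Unmap().WithZone(""); !ip.IsValid() || ip.IsUnspecified() {
		return true
	}
	for _, p := range blockedNets {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

// CheckOutboundURL vets a user-supplied URL before the server fetches it: http/https
// only, and every address the host resolves to must be outside the blocked ranges.
func CheckOutboundURL(rawURL string, resolve func(string) ([]netip.Addr, error)) error {
	u, err := url.Parse(rawURL)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return fmt.Errorf("refusing %q: unparsable or non-http(s) URL", rawURL)
	}
	host := u.Hostname() // strips the port and IPv6 brackets
	var ips []netip.Addr
	if ip, perr := netip.ParseAddr(host); perr == nil {
		ips = []netip.Addr{ip} // IP literal: no lookup needed
	} else if ips, err = resolve(host); err != nil || len(ips) == 0 {
		return fmt.Errorf("cannot resolve %q: %v", host, err)
	}
	for _, ip := range ips {
		if BlockedIP(ip) {
			return fmt.Errorf("%s resolves to blocked address %s", host, ip)
		}
	}
	return nil
}
```

In production the vetted addresses should also be pinned in the HTTP client's dialer, so a DNS answer cannot change between the check and the connection.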
Update Mattermost Server to version 10.10.0 or later. This fixes the vulnerability that allowed malicious links to be triggered via post actions. The update stops the Agents Plugin from processing empty request bodies, which blocks the attack.
CVE-2025-47700 is a Server-Side Request Forgery (SSRF) vulnerability in the Agents Plugin of Mattermost Server, allowing attackers to potentially trigger unintended network requests.
You are affected if you are running Mattermost Server versions prior to 10.5.10+incompatible and have the Agents Plugin enabled.
Upgrade Mattermost Server to version 10.5.10+incompatible or later. Consider network segmentation and WAF rules as interim mitigations.
Currently, there are no known public exploits or confirmed active exploitation campaigns for CVE-2025-47700.
Refer to the official Mattermost security advisory for detailed information and updates: [https://mattermost.com/security/advisories/](https://mattermost.com/security/advisories/)