CVE-2025-2475
Unauthorized Bot Login Using CredentialsMattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.
We have discovered 30 live websites that are affected by CVE-2025-2475.
Affected Software
| Product |  Mattermost |
| Category | Message Boards |
| Vulnerable Domains | 30 live websites (7.23% of Mattermost install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 6 versions ( 8.96% of all versions) |
Common Weakness Enumeration
CWE-303 Incorrect Implementation of Authentication AlgorithmDetails
- Published - Apr 14, 2025
- Updated - Apr 14, 2025
Credits
- eAhmed (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-2475 United States | 8 websites |
 Germany | 4 websites |
 France | 2 websites |
 Japan | 2 websites |
 Turkmenistan | 2 websites |
 Austria | 1 websites |
 Canada | 1 websites |
 Switzerland | 1 websites |
 Czech Republic | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2025-2475| .com | 7 websites |
| .org | 6 websites |
| .ru | 2 websites |
| .ch | 1 websites |
| .de | 1 websites |
| .fr | 1 websites |
| .info | 1 websites |
| .net | 1 websites |
| .se | 1 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-2475
Top websites that are affected by CVE-2025-2475. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ****.************.org | Canada | *,***,*** | |
| *****.****.to | Japan | **,***,*** | |
| ****.************.se |  Sweden | **,***,*** | |
| **.********.com | United States | **,***,*** | |
| ****.*************.fm |  Netherlands | **,***,*** | |
| ***.********.org | United States | **,***,*** | |
| ****.*******.com | United States | **,***,*** | |
| ****.******.de | Germany | **,***,*** | |
| **.********.com | Turkmenistan | **,***,*** | |
| **.********.com | Turkmenistan | **,***,*** |
FAQ
CVE-2025-2475 is Incorrect Implementation of Authentication Algorithm in Mattermost
A total of 30 websites have been identified as vulnerable to CVE-2025-2475, based on global website indexing conducted by WebTechSurvey.
The Mattermost is affected by the CVE-2025-2475 vulnerability.
Mattermost versions up to and including 10.5.1 are vulnerable to CVE-2025-2475.