Lucene search

CVE-2023-27263

🗓️ 27 Feb 2023 15:11:15Reported by MattermostType

A missing permissions check in Mattermost API allows unauthorized access to playbook

Reporter	Title	Published	Views	Family All 5
Prion	Design/Logic Flaw	27 Feb 202315:15	–	prion
OSV	CVE-2023-27263	27 Feb 202315:15	–	osv
Vulnrichment	CVE-2023-27263 IDOR: Accessing playbook runs via the Playbooks Runs API	27 Feb 202314:44	–	vulnrichment
Cvelist	CVE-2023-27263 IDOR: Accessing playbook runs via the Playbooks Runs API	27 Feb 202314:44	–	cvelist
NVD	CVE-2023-27263	27 Feb 202315:15	–	nvd

Nvd

Node

mattermost mattermostRange≤7.1.4

mattermost mattermostMatch7.4.0

mattermost mattermostMatch7.5.0

mattermost mattermostMatch7.5.1

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Playbooks"
    ],
    "product": "Mattermost",
    "vendor": "Mattermost",
    "versions": [
      {
        "lessThanOrEqual": "7.5.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "7.4.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "7.1.4",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
mattermost	www.mattermost.com/security-updates/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Feb 2023 15:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS34.3 - 6.5

EPSS0.001

SSVC

CWE-862