| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| Mattermost Desktop App 安全漏洞 | 17 Dec 202500:00 | – | cnnvd | |
| CVE-2025-13321 | 17 Dec 202518:14 | – | cve | |
| CVE-2025-13321 Mattermost Desktop App logging sensitive information and fails to clear data on server deletion | 17 Dec 202518:14 | – | cvelist | |
| EUVD-2025-203919 | 17 Dec 202521:30 | – | euvd | |
| Mattermost Desktop App exposes sensitive information in its application logs | 17 Dec 202521:30 | – | github | |
| CVE-2025-13321 | 17 Dec 202519:16 | – | nvd | |
| CVE-2025-13321 Mattermost Desktop App logging sensitive information and fails to clear data on server deletion | 17 Dec 202518:14 | – | osv | |
| GHSA-G6QX-WQ5W-WR8V Mattermost Desktop App exposes sensitive information in its application logs | 17 Dec 202521:30 | – | osv | |
| PT-2025-51853 | 17 Dec 202500:00 | – | ptsecurity | |
| CVE-2025-13321 | 18 Dec 202518:46 | – | redhatcve |
| Source | Link |
|---|---|
| mattermost | www.mattermost.com/security-updates/ |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(282320);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/18");
script_cve_id("CVE-2025-13321");
script_xref(name:"IAVA", value:"2026-A-0016");
script_name(english:"Mattermost Desktop < 6.0.0 (MMSA-2025-00520)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The version of Mattermost Desktop installed on the remote host is prior to 6.0.0. It is, therefore, affected
by a vulnerability as referenced in the MMSA-2025-00520 advisory.
- Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information from Mattermost logs and
clear data on server deletion which allows an attacker with access to the users system to gain access to
potentially sensitive information via reading the application logs. (CVE-2025-13321)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://mattermost.com/security-updates/");
script_set_attribute(attribute:"solution", value:
"Upgrade to Mattermost Desktop version 6.0.0 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-13321");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/12/17");
script_set_attribute(attribute:"patch_publication_date", value:"2025/12/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mattermost:mattermost_desktop");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mattermost_desktop_win_installed.nbin", "mattermost_desktop_nix_installed.nbin", "macos_mattermost_desktop_installed.nbin");
script_require_ports("installed_sw/Mattermost Desktop", "installed_sw/Mattermost");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'checks': [
{
'product': {'name': 'Mattermost Desktop', 'type': 'app'},
'check_algorithm': 'default',
'requires': [
{'scope': 'target', 'match_one': {'os': ['linux', 'windows']}}
],
'constraints' : [
{'fixed_version': '6.0.0'}
]
},
{
'product': {'name': 'Mattermost', 'type': 'app'},
'check_algorithm': 'default',
'requires': [
{'scope': 'target', 'match': {'os': 'macos'}}
],
'constraints' : [
{'fixed_version': '6.0.0'}
]
}
]
};
var vdf_result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_NOTE);
vdf::handle_check_and_report_errors(vdf_result:vdf_result);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation