Lucene search
HistoryNov 27, 2023 - 10:15 a.m.
CVE-2023-43754
mattermost
cve-2023-43754
archive channel
vulnerability
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
14.0%
Mattermost fails to check whether the “Allow users to view archived channels” setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the “Allow users to view archived channels” setting is disabled.
Affected configurations
Node
mattermostmattermostRange≤7.8.12
ORmattermostmattermostRange8.0.0–8.1.3
ORmattermostmattermostRange9.0.0–9.0.1
ORmattermostmattermostMatch9.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mattermost | mattermost | * | cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:* |
| mattermost | mattermost | 9.1.0 | cpe:2.3:a:mattermost:mattermost:9.1.0:*:*:*:*:*:*:* |
References
Related
osv
osv
CGA-vxj9-pvmr-vgmp
2024-07-15 22:08:18
CVE-2023-43754
2023-11-27 10:15:07
CGA-hj28-6hc9-53rx
2024-09-25 01:54:24
cve
cve
CVE-2023-43754
2023-11-27 10:15:07
github
github
cnvd
cnvd
Mattermost Security Bypass Vulnerability
2023-11-30 00:00:00
veracode
veracode
Information Disclosure
2023-11-28 06:51:58
cvelist
cvelist
prion
prion
Code injection
2023-11-27 10:15:00
nessus
nessus
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
0
Percentile
14.0%
Related for NVD:CVE-2023-43754