Lucene search
PRIOn knowledge basePRION:CVE-2023-4106HistoryAug 11, 2023 - 7:15 a.m.
Design/Logic Flaw
2023-08-1107:15:00
PRIOn knowledge base
www.prio-n.com
4
mattermost
logic flaw
unauthorized access
public playbooks
guest
0.0005 Low
EPSS
Percentile
17.0%
Mattermost fails to check if the requesting user is a guest before performing different actions to public playbooks, resulting a guest being able toΒ view, join, edit, export and archive public playbooks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mattermost | ge | 7.10.0 | |
| mattermost | lt | 7.10.4 | |
| mattermost | ge | 7.9.0 | |
| mattermost | lt | 7.9.6 | |
| mattermost | ge | 7.8.0 | |
| mattermost | lt | 7.8.8 |
References
Related
github
github
cve
cve
CVE-2023-4106
2023-08-11 07:15:09
osv
osv
Mattermost fails to check if user is a guest before performing actions on public playbooks
2023-08-11 09:30:36
CVE-2023-4106
2023-08-11 07:15:09
veracode
veracode
Missing Authorization
2023-08-15 02:22:05
nvd
nvd
CVE-2023-4106
2023-08-11 07:15:09
cvelist
cvelist
CVE-2023-4106 A guest user can perform various actions on public playbooks
2023-08-11 06:12:11
nessus
nessus