Lucene search
PRIOn knowledge basePRION:CVE-2023-5196HistorySep 29, 2023 - 10:15 a.m.
Code injection
2023-09-2910:15:00
PRIOn knowledge base
www.prio-n.com
1
mattermost
code injection
server overload
0.0004 Low
EPSS
Percentile
13.3%
Mattermost fails to enforce character limits in all possible notification props allowing an attacker toΒ send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mattermost | ge | 7.0.0 | |
| mattermost | lt | 7.8.10 | |
| mattermost | ge | 8.1.0 | |
| mattermost | lt | 8.1.1 | |
| mattermost | ge | 8.0.0 | |
| mattermost | lt | 8.0.2 |
References
Related
osv
osv
CVE-2023-5196
2023-09-29 10:15:10
Mattermost Uncontrolled Resource Consumption vulnerability
2023-09-29 12:30:16
nvd
nvd
CVE-2023-5196
2023-09-29 10:15:10
cvelist
cvelist
CVE-2023-5196 DoS via Channel Notification Properties
2023-09-29 09:22:36
cve
cve
CVE-2023-5196
2023-09-29 10:15:10
github
github
Mattermost Uncontrolled Resource Consumption vulnerability
2023-09-29 12:30:16
