3 matches found
CVE-2022-1332 Restricted custom admin role can bypass the restrictions and view the server logs and server config.json file contents
One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents...
CVE-2022-1332
Summary of CVE-2022-1332 (Mattermost) : An API in Mattermost ≤ 6.4.1 fails to properly enforce permissions, allowing authenticated users with a restricted custom admin role to bypass restrictions and read server logs and the server config.json. The issue is a privilege-management flaw affecting t...
CVE-2022-1332 Restricted custom admin role can bypass the restrictions and view the server logs and server config.json file contents
One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents...