4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%
Mattermost is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to the failure in limiting the number of role names that can be requested from the API. An attacker can cause the server to run out of memory and crash by issuing an unusually large HTTP request.
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%