Mattermost Server up to 5.7.x Domain Request default permission

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Mattermost Server up to 5.7.x. It has been declared as critical. This vulnerability affects some unknown functionality of the component Domain Handler. Upgrading to version 5.8.0 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1056118110/25/2020VulD...confirm_urlhttps://mattermost.com/security-updates/cve.mitre.org10/25/2020accepted70
1018727606/20/2020VulD...cve_nvd_summaryAn issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team.mitre.org06/20/2020accepted100
1018727506/20/2020VulD...cve_assigned1592524800mitre.org06/20/2020accepted100
1018726806/20/2020VulD...cvss3_nvd_aNnist.gov06/20/2020accepted100
1018726706/20/2020VulD...cvss3_nvd_iLnist.gov06/20/2020accepted100
1018726606/20/2020VulD...cvss3_nvd_cNnist.gov06/20/2020accepted100
1018726506/20/2020VulD...cvss3_nvd_sUnist.gov06/20/2020accepted100
1018726406/20/2020VulD...cvss3_nvd_uiNnist.gov06/20/2020accepted100
1018726306/20/2020VulD...cvss3_nvd_prNnist.gov06/20/2020accepted100
1018726206/20/2020VulD...cvss3_nvd_acLnist.gov06/20/2020accepted100
1018726106/20/2020VulD...cvss3_nvd_avNnist.gov06/20/2020accepted100
1018724806/20/2020VulD...cvss2_nvd_aiNnist.gov06/20/2020accepted100
1018724706/20/2020VulD...cvss2_nvd_iiPnist.gov06/20/2020accepted100
1018724606/20/2020VulD...cvss2_nvd_ciNnist.gov06/20/2020accepted100
1018724506/20/2020VulD...cvss2_nvd_auNnist.gov06/20/2020accepted100
1018724406/20/2020VulD...cvss2_nvd_acLnist.gov06/20/2020accepted100
1018724306/20/2020VulD...cvss2_nvd_avNnist.gov06/20/2020accepted100
1018723306/20/2020VulD...cwe276 (privilege escalation)06/20/2020accepted100
1018728506/20/2020VulD...cvss3_nvd_basescore5.3nist.gov06/20/2020accepted90
1018728406/20/2020VulD...cvss3_vuldb_rcX06/20/2020accepted90

Do you know our Splunk app?

Download it now for free!