Mattermost Server up to 5.7.x Town Square permission assignment

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Mattermost Server up to 5.7.x. It has been rated as critical. This issue affects an unknown part of the component Town Square. Upgrading to version 5.8.0 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1056118210/25/2020VulD...confirm_urlhttps://mattermost.com/security-updates/cve.mitre.org10/25/2020accepted70
1018733206/20/2020VulD...cve_nvd_summaryAn issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only. Users can pin or unpin a post.mitre.org06/20/2020accepted100
1018733106/20/2020VulD...cve_assigned1592524800mitre.org06/20/2020accepted100
1018732406/20/2020VulD...cvss3_nvd_aNnist.gov06/20/2020accepted100
1018732306/20/2020VulD...cvss3_nvd_iLnist.gov06/20/2020accepted100
1018732206/20/2020VulD...cvss3_nvd_cNnist.gov06/20/2020accepted100
1018732106/20/2020VulD...cvss3_nvd_sUnist.gov06/20/2020accepted100
1018732006/20/2020VulD...cvss3_nvd_uiNnist.gov06/20/2020accepted100
1018731906/20/2020VulD...cvss3_nvd_prLnist.gov06/20/2020accepted100
1018731806/20/2020VulD...cvss3_nvd_acLnist.gov06/20/2020accepted100
1018731706/20/2020VulD...cvss3_nvd_avNnist.gov06/20/2020accepted100
1018730406/20/2020VulD...cvss2_nvd_aiNnist.gov06/20/2020accepted100
1018730306/20/2020VulD...cvss2_nvd_iiPnist.gov06/20/2020accepted100
1018730206/20/2020VulD...cvss2_nvd_ciNnist.gov06/20/2020accepted100
1018730106/20/2020VulD...cvss2_nvd_auSnist.gov06/20/2020accepted100
1018730006/20/2020VulD...cvss2_nvd_acMnist.gov06/20/2020accepted100
1018729906/20/2020VulD...cvss2_nvd_avNnist.gov06/20/2020accepted100
1018728906/20/2020VulD...cwe732 (privilege escalation)06/20/2020accepted100
1018734106/20/2020VulD...cvss3_nvd_basescore4.3nist.gov06/20/2020accepted90
1018734006/20/2020VulD...cvss3_vuldb_rcX06/20/2020accepted90

Do you want to use VulDB in your project?

Use the official API to access entries easily!