Mattermost Server à 5.7.x Domain Request elévation de privilèges

entréeeditHistoryDiffjsonxmlCTI

Une vulnérabilité qui a été classée critique a été trouvée dans Mattermost Server à 5.7.x. Affecté est une fonction inconnue du composant Domain Handler. Mettre à jour à la version 5.8.0 élimine cette vulnérabilité.

Timeline

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1056118125/10/2020VulD...confirm_urlhttps://mattermost.com/security-updates/cve.mitre.org25/10/2020accepted70
1018727620/06/2020VulD...cve_nvd_summaryAn issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement when processing a join request for an open team.mitre.org20/06/2020accepted100
1018727520/06/2020VulD...cve_assigned1592524800mitre.org20/06/2020accepted100
1018726820/06/2020VulD...cvss3_nvd_aNnist.gov20/06/2020accepted100
1018726720/06/2020VulD...cvss3_nvd_iLnist.gov20/06/2020accepted100
1018726620/06/2020VulD...cvss3_nvd_cNnist.gov20/06/2020accepted100
1018726520/06/2020VulD...cvss3_nvd_sUnist.gov20/06/2020accepted100
1018726420/06/2020VulD...cvss3_nvd_uiNnist.gov20/06/2020accepted100
1018726320/06/2020VulD...cvss3_nvd_prNnist.gov20/06/2020accepted100
1018726220/06/2020VulD...cvss3_nvd_acLnist.gov20/06/2020accepted100
1018726120/06/2020VulD...cvss3_nvd_avNnist.gov20/06/2020accepted100
1018724820/06/2020VulD...cvss2_nvd_aiNnist.gov20/06/2020accepted100
1018724720/06/2020VulD...cvss2_nvd_iiPnist.gov20/06/2020accepted100
1018724620/06/2020VulD...cvss2_nvd_ciNnist.gov20/06/2020accepted100
1018724520/06/2020VulD...cvss2_nvd_auNnist.gov20/06/2020accepted100
1018724420/06/2020VulD...cvss2_nvd_acLnist.gov20/06/2020accepted100
1018724320/06/2020VulD...cvss2_nvd_avNnist.gov20/06/2020accepted100
1018723320/06/2020VulD...cwe276 (elévation de privilèges)20/06/2020accepted100
1018728520/06/2020VulD...cvss3_nvd_basescore5.3nist.gov20/06/2020accepted90
1018728420/06/2020VulD...cvss3_vuldb_rcX20/06/2020accepted90

Might our Artificial Intelligence support you?

Check our Alexa App!