Mattermost Server till 5.21.x Markdown Renderer förnekande av tjänsten

inträdeeditHistoryDiffjsonxmlCTI

Det var en problematiskt svag punkt som finns i Mattermost Server till 5.21.x. Som påverkar en okänd funktion av komponenten Markdown Renderer. En uppgradering till den version 5.22.0 att åtgärda problemet.

Fält	20/06/2020 08:07 AM	20/06/2020 08:12 AM	25/10/2020 08:19 PM
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	5.1	5.1	5.1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
date	1592524800 (19/06/2020)	1592524800 (19/06/2020)	1592524800 (19/06/2020)
url	https://mattermost.com/security-updates/	https://mattermost.com/security-updates/	https://mattermost.com/security-updates/
price_0day	$0-$5k	$0-$5k	$0-$5k
name	Upgrade	Upgrade	Upgrade
upgrade_version	5.22.0	5.22.0	5.22.0
cve	CVE-2020-14450	CVE-2020-14450	CVE-2020-14450
seealso	156956 156957 156958 156959 156960 156961 156962 156963 156964 156965 156966 156967 156968 156969 156970 156971 156972 156973 156974 156975 156976 156977 156978 156979 156980 156981 156982 156983 156984 156985	156956 156957 156958 156959 156960 156961 156962 156963 156964 156965 156966 156967 156968 156969 156970 156971 156972 156973 156974 156975 156976 156977 156978 156979 156980 156981 156982 156983 156984 156985	156956 156957 156958 156959 156960 156961 156962 156963 156964 156965 156966 156967 156968 156969 156970 156971 156972 156973 156974 156975 156976 156977 156978 156979 156980 156981 156982 156983 156984 156985
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	X	X	X
cvss3_nvd_basescore	7.5	7.5	7.5
name	Mattermost Server	Mattermost Server	Mattermost Server
version	<=5.21.x	<=5.21.x	<=5.21.x
component	Markdown Renderer	Markdown Renderer	Markdown Renderer
risk	1	1	1
cvss2_vuldb_basescore	5.0	5.0	5.0
cvss2_vuldb_tempscore	4.4	4.4	4.4
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	6.4	6.4	6.4
cvss3_meta_tempscore	6.1	6.1	6.1
cvss3_nvd_av		N	N
cvss3_nvd_ac		L	L
cvss3_nvd_pr		N	N
cvss3_nvd_ui		N	N
cvss3_nvd_s		U	U
cvss3_nvd_c		N	N
cvss3_nvd_i		N	N
cvss3_nvd_a		H	H
cve_assigned		1592524800	1592524800
cve_nvd_summary		An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.	An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.
cwe	0	404 (förnekande av tjänsten)	404 (förnekande av tjänsten)
cvss2_nvd_av		N	N
cvss2_nvd_ac		L	L
cvss2_nvd_au		N	N
cvss2_nvd_ci		N	N
cvss2_nvd_ii		N	N
cvss2_nvd_ai		P	P
confirm_url			https://mattermost.com/security-updates/

◂ Tidigare Översikt Nästa ▸

Do you know our Splunk app?

Download it now for free!