Mattermost Server till 5.7.x Attachment privilegier eskalering

inträdeeditHistoryDiffjsonxmlCTI

Det var en kritiskt svag punkt upptäcktes i Mattermost Server till 5.7.x. Som påverkar en okänd funktion av komponenten Attachment Handler. En uppgradering till den version 5.8.0 att åtgärda problemet.

Tidslinje

Användare

Fält

Commit Conf

Approve Conf

IDEngageradAnvändareFältFörändraAnmärkningarModereradAnledningC
1056118325/10/2020VulD...confirm_urlhttps://mattermost.com/security-updates/cve.mitre.org25/10/2020accepterad70
1018738820/06/2020VulD...cve_nvd_summaryAn issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post.mitre.org20/06/2020accepterad100
1018738720/06/2020VulD...cve_assigned1592524800mitre.org20/06/2020accepterad100
1018738020/06/2020VulD...cvss3_nvd_aNnist.gov20/06/2020accepterad100
1018737920/06/2020VulD...cvss3_nvd_iLnist.gov20/06/2020accepterad100
1018737820/06/2020VulD...cvss3_nvd_cNnist.gov20/06/2020accepterad100
1018737720/06/2020VulD...cvss3_nvd_sUnist.gov20/06/2020accepterad100
1018737620/06/2020VulD...cvss3_nvd_uiNnist.gov20/06/2020accepterad100
1018737520/06/2020VulD...cvss3_nvd_prNnist.gov20/06/2020accepterad100
1018737420/06/2020VulD...cvss3_nvd_acLnist.gov20/06/2020accepterad100
1018737320/06/2020VulD...cvss3_nvd_avNnist.gov20/06/2020accepterad100
1018736020/06/2020VulD...cvss2_nvd_aiNnist.gov20/06/2020accepterad100
1018735920/06/2020VulD...cvss2_nvd_iiPnist.gov20/06/2020accepterad100
1018735820/06/2020VulD...cvss2_nvd_ciNnist.gov20/06/2020accepterad100
1018735720/06/2020VulD...cvss2_nvd_auNnist.gov20/06/2020accepterad100
1018735620/06/2020VulD...cvss2_nvd_acLnist.gov20/06/2020accepterad100
1018735520/06/2020VulD...cvss2_nvd_avNnist.gov20/06/2020accepterad100
1018734520/06/2020VulD...cwe732 (privilegier eskalering)20/06/2020accepterad100
1018739720/06/2020VulD...cvss3_nvd_basescore5.3nist.gov20/06/2020accepterad90
1018739620/06/2020VulD...cvss3_vuldb_rcX20/06/2020accepterad90

🔒 Login Required

You need to signup and login to see more of the remaining 37 results.

TidigareÖversiktNästa

Do you want to use VulDB in your project?

Use the official API to access entries easily!