Vulnerability-Lookup

CNVD-2023-94488

Vulnerability from cnvd - Published: 2023-12-01

Title

Mattermost安全绕过漏洞

Description

Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全绕过漏洞，该漏洞源于无法检查在永久链接预览显示期间是否启用“Allow users to view archived channels”设置，即使禁用“Allow users to view archived channels”设置，攻击者可利用此漏洞查看存档频道的永久链接预览。

Severity

中

Patch Name

Mattermost安全绕过漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://mattermost.com/security-updates

Reference

https://nvd.nist.gov/vuln/detail/CVE-2023-47865

Impacted products

Name
Mattermost Mattermost

Show details on source website

JSON

To clipboard Create KEV Entry

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-43754",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-43754"
    }
  },
  "description": "Mattermost\u662f\u7f8e\u56fdMattermost\u516c\u53f8\u7684\u4e00\u4e2a\u5f00\u6e90\u534f\u4f5c\u5e73\u53f0\u3002\n\nMattermost\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u65e0\u6cd5\u68c0\u67e5\u5728\u6c38\u4e45\u94fe\u63a5\u9884\u89c8\u663e\u793a\u671f\u95f4\u662f\u5426\u542f\u7528\u201cAllow users to view archived channels\u201d\u8bbe\u7f6e\uff0c\u5373\u4f7f\u7981\u7528\u201cAllow users to view archived channels\u201d\u8bbe\u7f6e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u67e5\u770b\u5b58\u6863\u9891\u9053\u7684\u6c38\u4e45\u94fe\u63a5\u9884\u89c8\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://mattermost.com/security-updates",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-94488",
  "openTime": "2023-12-01",
  "patchDescription": "Mattermost\u662f\u7f8e\u56fdMattermost\u516c\u53f8\u7684\u4e00\u4e2a\u5f00\u6e90\u534f\u4f5c\u5e73\u53f0\u3002\r\n\r\nMattermost\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u65e0\u6cd5\u68c0\u67e5\u5728\u6c38\u4e45\u94fe\u63a5\u9884\u89c8\u663e\u793a\u671f\u95f4\u662f\u5426\u542f\u7528\u201cAllow users to view archived channels\u201d\u8bbe\u7f6e\uff0c\u5373\u4f7f\u7981\u7528\u201cAllow users to view archived channels\u201d\u8bbe\u7f6e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u67e5\u770b\u5b58\u6863\u9891\u9053\u7684\u6c38\u4e45\u94fe\u63a5\u9884\u89c8\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mattermost\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Mattermost Mattermost"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-47865",
  "serverity": "\u4e2d",
  "submitTime": "2023-11-30",
  "title": "Mattermost\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2023-43754 (GCVE-0-2023-43754)

Vulnerability from cvelistv5 – Published: 2023-11-27 09:11 – Updated: 2024-08-02 19:52

Title

Permalink previews displayed for posts in archived channels even if users are disallowed to view archived channels

Summary

Mattermost fails to check whether the “Allow users to view archived channels” setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the “Allow users to view archived channels” setting is disabled.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

Mattermost

References

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Affected: 0 , ≤ 7.8.12 (semver) Affected: 0 , ≤ 8.1.3 (semver) Affected: 0 , ≤ 9.0.1 (semver) Affected: 0 , ≤ 9.1.0 (semver) Unaffected: 9.0.2 Unaffected: 9.1.1 Unaffected: 7.8.13 Unaffected: 8.1.4

Credits

Harrison Healey

Show details on NVD website

JSON

To clipboard Create KEV Entry

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:52:11.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://mattermost.com/security-updates"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "7.8.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.1.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "9.0.2"
            },
            {
              "status": "unaffected",
              "version": "9.1.1"
            },
            {
              "status": "unaffected",
              "version": "7.8.13"
            },
            {
              "status": "unaffected",
              "version": "8.1.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Harrison Healey"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost fails to check whether the\u0026nbsp; \u201cAllow users to view archived channels\u201d\u0026nbsp; setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the\u0026nbsp;\u201cAllow users to view archived channels\u201d setting is disabled.\u0026nbsp;\u003c/p\u003e"
            }
          ],
          "value": "Mattermost fails to check whether the\u00a0 \u201cAllow users to view archived channels\u201d\u00a0 setting is enabled during permalink previews display, allowing members to view permalink previews of archived channels even if the\u00a0\u201cAllow users to view archived channels\u201d setting is disabled.\u00a0\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T09:11:13.283Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.\n\n"
        }
      ],
      "source": {
        "advisory": "MMSA-2023-00241",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-54221"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Permalink previews displayed for posts in archived channels even if users are disallowed to view archived channels",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2023-43754",
    "datePublished": "2023-11-27T09:11:13.283Z",
    "dateReserved": "2023-11-22T11:37:35.971Z",
    "dateUpdated": "2024-08-02T19:52:11.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-94488

CVE-2023-43754 (GCVE-0-2023-43754)

Tags

Sightings

Nomenclature