Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.1
CVSSv3

CVE-2023-3584

Published: 17/07/2023 Updated: 27/07/2023
CVSS v3 Base Score: 3.1 | Impact Score: 1.4 | Exploitability Score: 1.6
VMScore: 0

Vulnerability Summary

Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request, allowing an authenticated attacker with knowledge of a Team Override Scheme ID to create a new team with said team override scheme.

Vulnerable Product Search on Vulmon Subscribe to Product

mattermost mattermost server

References

CWE-863https://mattermost.com/security-updateshttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of serviceCVE-2024-27371CVE-2024-20405CVE-2024-31627CVE-2024-31625race conditionCVE-2024-4358cross-site scriptingCVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook