CVE-2023-45316

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-45316
Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/<telem_run_id> as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://mattermost.com/security-updates Issue Tracking Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
History

14 Dec 2023, 18:58

Type Values Removed Values Added
CPE cpe:2.3:a:mattermost:mattermost_server:9.1.1:*:*:*:*:*:*:*

14 Dec 2023, 18:03

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.3 		v2 : unknown
v3 : 8.8
First Time Mattermost
Mattermost mattermost Server
Summary
  • (es) Mattermost no logra validar si se pasa una ruta relativa en /plugins/playbooks/api/v0/telemetry/run/ como ID de ejecución de telemetría, lo que permite a un atacante usar un payload de path traversal que apunta a un endpoint diferente que conduce a un ataque CSRF.
CWE CWE-22
CPE cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mattermost:mattermost_server:9.1.1:*:*:*:*:*:*:*
References () https://mattermost.com/security-updates - () https://mattermost.com/security-updates - Issue Tracking, Vendor Advisory

12 Dec 2023, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-12 09:15

Updated : 2023-12-14 18:58

NVD link : CVE-2023-45316

Mitre link : CVE-2023-45316

CVE.ORG link : CVE-2023-45316

JSON object : View

Products Affected

mattermost

  • mattermost_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-352

Cross-Site Request Forgery (CSRF)