BIT-mattermost-2020-14460

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/mattermost/BIT-mattermost-2020-14460.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mattermost-2020-14460
Aliases
Published
2024-03-06T11:05:18.275Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creation of a trusted OAuth application does not always require admin privileges, aka MMSA-2020-0001.

References

Affected packages

Bitnami / mattermost

Package

Name
mattermost
Purl
pkg:bitnami/mattermost

Severity

  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.8
Introduced
5.16.0
Fixed
5.16.5
Introduced
5.17.0
Fixed
5.17.3
Introduced
5.18.0
Fixed
5.18.1
Type
SEMVER
Events
Introduced
5.19.0-rc1
Last affected
5.19.0-rc1
Introduced
5.19.0-rc2
Last affected
5.19.0-rc2
Introduced
5.19.0-rc3
Last affected
5.19.0-rc3