CVE-2017-1000493

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-1000493

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000493.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000493

Published

2018-01-03T01:29:00.343Z

Modified

2026-04-10T03:56:20.067523Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover

References

Affected packages

Git / github.com/rocketchat/rocket.chat

Affected ranges

Type

GIT

Repo

https://github.com/rocketchat/rocket.chat

Events

Introduced

Last affected

8f9a85b92fb411fdca1f05856e222cdbbf0c120d

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.59"
        }
    ]
}

Affected versions

0.*

0.10.0

0.10.1

0.10.2

0.11.0

0.13.0

0.14.0

0.15.0

0.16.0

0.17.0

0.18.0

0.19.0

0.23.0

0.24.0

0.25.0

0.26.0

0.27.0

0.28.0

0.29.0

0.30.0

0.36.0

0.37.0

0.37.1

0.38.0

0.39.0

0.40.0

0.40.1

0.41.0

0.42.0

0.43.0

0.44.0

0.45.0

0.46.0

0.48.0

0.49.0

0.49.1

0.49.2

0.49.3

0.49.4

0.50.0

0.54.0

0.54.1

0.56.0

0.56.0-rc.0

0.56.0-rc.1

0.56.0-rc.2

0.56.0-rc.3

0.56.0-rc.4

0.56.0-rc.5

0.56.0-rc.6

0.56.0-rc.7

0.57.0

0.57.1

0.57.2

0.58.0

0.58.1

0.58.2

0.59.0

0.8.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000493.json"