CVE-2023-5968 - OpenCVE

Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost:9.0.0:::::::*

References

Link	Resource
https://mattermost.com/security-updates	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-11-06T15:35:14.094Z

Updated: 2023-11-06T15:35:14.094Z

Reserved: 2023-11-06T15:28:44.101Z

Link: CVE-2023-5968

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-06T16:15:42.897

Modified: 2023-11-14T17:14:39.187

Link: CVE-2023-5968

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-5968", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-11-06T15:28:44.101Z", "datePublished": "2023-11-06T15:35:14.094Z", "dateUpdated": "2023-11-06T15:35:14.094Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "7.8.11", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.0.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.0.0", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "7.8.12"}, {"status": "unaffected", "version": "8.0.4"}, {"status": "unaffected", "version": "8.1.3"}, {"status": "unaffected", "version": "9.0.1"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Juho Nurminen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body. </p>"}], "value": "Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.\u00a0\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-06T15:35:14.094Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions <span style=\"background-color: rgb(255, 255, 255);\">7.8.12, <span style=\"background-color: rgb(255, 255, 255);\">8.0.4, </span></span>8.1.3, 9.0.1 or higher.</p>"}], "value": "Update Mattermost Server to versions\u00a07.8.12,\u00a08.0.4,\u00a08.1.3, 9.0.1 or higher.\n\n"}], "source": {"advisory": "MMSA-2023-00242", "defect": ["https://mattermost.atlassian.net/browse/MM-54225"], "discovery": "INTERNAL"}, "title": "Password hash in response body after username update", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A8DD228-69E5-4BD3-8BF4-0BFDA61F9951", "versionEndIncluding": "7.8.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "154F3427-98C1-4D4F-BFA7-499E2FE8AEED", "versionEndIncluding": "8.0.3", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "19AC73DE-98C1-4653-BB69-C8ECB0E51D54", "versionEndIncluding": "8.1.2", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AEE8D64-761C-4223-B100-D5D6DFF8E331", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost fails to properly sanitize the user object when updating the username, resulting in the password hash being included in the response body.\u00a0\n\n"}, {"lang": "es", "value": "Mattermost no sanitiza adecuadamente el objeto de usuario al actualizar el nombre de usuario, lo que hace que el hash de la contrase\u00f1a se incluya en el cuerpo de la respuesta."}], "id": "CVE-2023-5968", "lastModified": "2023-11-14T17:14:39.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}, "published": "2023-11-06T16:15:42.897", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}