CVE-2023-6458 - OpenCVE

Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Mattermost	Mattermost Server

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::

References

Link	Resource
https://mattermost.com/security-updates	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-12-06T08:10:18.481Z

Updated: 2023-12-06T08:10:18.481Z

Reserved: 2023-12-01T10:06:07.237Z

Link: CVE-2023-6458

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-06T09:15:08.907

Modified: 2023-12-12T19:11:36.897

Link: CVE-2023-6458

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-6458", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-12-01T10:06:07.237Z", "datePublished": "2023-12-06T08:10:18.481Z", "dateUpdated": "2023-12-06T08:10:18.481Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "9.1.1", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.0.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.4", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.8.13", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "9.1.2"}, {"status": "unaffected", "version": "9.0.3"}, {"status": "unaffected", "version": "8.1.5"}, {"status": "unaffected", "version": "7.8.14"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost webapp fails to validate <span style=\"background-color: rgb(255, 255, 255);\">route parameters in</span>/<TEAM_NAME>/channels/<CHANNEL_NAME> <span style=\"background-color: rgb(255, 255, 255);\">allowing an attacker to perform a client-side path traversal.</span></p>"}], "value": "Mattermost webapp fails to validate\u00a0route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME>\u00a0allowing an attacker to perform a client-side path traversal.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-12-06T08:10:18.481Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions 9.1.2, 9.0.3, 8.1.5, 7.8.14 or higher.</p>"}], "value": "Update Mattermost Server to versions 9.1.2, 9.0.3, 8.1.5, 7.8.14 or higher.\n\n"}], "source": {"advisory": "MMSA-2023-00248", "defect": ["https://mattermost.atlassian.net/browse/MM-53903"], "discovery": "EXTERNAL"}, "title": "Client side path traversal due to lack of route parameters validation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DC0F1AE-87E5-483B-BD2A-945BE99CD487", "versionEndExcluding": "7.8.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "82659141-9C39-492A-9DF2-B2E293E151BE", "versionEndExcluding": "8.1.5", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "050ACB86-28ED-4BEB-832C-3BA6FCC15D22", "versionEndExcluding": "9.0.3", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "031CA1A1-C6B0-4096-830D-150CDC3BA8F3", "versionEndExcluding": "9.1.2", "versionStartIncluding": "9.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost webapp fails to validate\u00a0route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME>\u00a0allowing an attacker to perform a client-side path traversal.\n\n"}, {"lang": "es", "value": "La aplicaci\u00f3n web Mattermost no puede validar los par\u00e1metros de ruta en//channels/, lo que permite a un atacante realizar un path traversal del lado del cliente."}], "id": "CVE-2023-6458", "lastModified": "2023-12-12T19:11:36.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.3, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}, "published": "2023-12-06T09:15:08.907", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-74"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}