CVE-2023-6458 - Vulnerability Details - OpenCVE

Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00464.

Key SSVC decision points have not yet been added.

Vendors	Products
Mattermost Subscribe	Mattermost Server Subscribe

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::
	cpe:2.3:a:mattermost:mattermost_server::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-3139	Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.
Github GHSA	GHSA-7664-hcp7-f497	Mattermost Injection vulnerability

Fixes

Solution

Update Mattermost Server to versions 9.1.2, 9.0.3, 8.1.5, 7.8.14 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-12-06T08:10:18.481Z

Updated: 2024-08-02T08:28:21.829Z

Reserved: 2023-12-01T10:06:07.237Z

Link: CVE-2023-6458

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-06T09:15:08.907

Modified: 2024-11-21T08:43:53.947

Link: CVE-2023-6458

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6458", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-12-01T10:06:07.237Z", "datePublished": "2023-12-06T08:10:18.481Z", "dateUpdated": "2024-08-02T08:28:21.829Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "9.1.1", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.0.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.4", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.8.13", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "9.1.2"}, {"status": "unaffected", "version": "9.0.3"}, {"status": "unaffected", "version": "8.1.5"}, {"status": "unaffected", "version": "7.8.14"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost webapp fails to validate <span style=\"background-color: rgb(255, 255, 255);\">route parameters in</span>/<TEAM_NAME>/channels/<CHANNEL_NAME> <span style=\"background-color: rgb(255, 255, 255);\">allowing an attacker to perform a client-side path traversal.</span></p>"}], "value": "Mattermost webapp fails to validate\u00a0route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME>\u00a0allowing an attacker to perform a client-side path traversal.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-12-06T08:10:18.481Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions 9.1.2, 9.0.3, 8.1.5, 7.8.14 or higher.</p>"}], "value": "Update Mattermost Server to versions 9.1.2, 9.0.3, 8.1.5, 7.8.14 or higher.\n\n"}], "source": {"advisory": "MMSA-2023-00248", "defect": ["https://mattermost.atlassian.net/browse/MM-53903"], "discovery": "EXTERNAL"}, "title": "Client side path traversal due to lack of route parameters validation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.829Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DC0F1AE-87E5-483B-BD2A-945BE99CD487", "versionEndExcluding": "7.8.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "82659141-9C39-492A-9DF2-B2E293E151BE", "versionEndExcluding": "8.1.5", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "050ACB86-28ED-4BEB-832C-3BA6FCC15D22", "versionEndExcluding": "9.0.3", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "031CA1A1-C6B0-4096-830D-150CDC3BA8F3", "versionEndExcluding": "9.1.2", "versionStartIncluding": "9.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost webapp fails to validate\u00a0route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME>\u00a0allowing an attacker to perform a client-side path traversal.\n\n"}, {"lang": "es", "value": "La aplicaci\u00f3n web Mattermost no puede validar los par\u00e1metros de ruta en//channels/, lo que permite a un atacante realizar un path traversal del lado del cliente."}], "id": "CVE-2023-6458", "lastModified": "2024-11-21T08:43:53.947", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.3, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-06T09:15:08.907", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}