admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-22xx/CVE-2023-2281.json

107 lines
2.8 KiB
JSON
Raw Normal View History

Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
{
"id": "CVE-2023-2281",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-04-25T14:15:09.423",
Auto-Update: 2024-03-07T12:24:07.874550+00:00
2024-03-07 12:27:24 +00:00
"lastModified": "2023-05-04T17:37:18.207",
"vulnStatus": "Analyzed",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
"descriptions": [
{
"lang": "en",
"value": "When archiving a team, Mattermost fails to sanitize the related Websocket event sent to currently connected clients. This allows the clients to see the name, display name, description, and other data about the archived team.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
Auto-Update: 2024-03-07T12:24:07.874550+00:00
2024-03-07 12:27:24 +00:00
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
Auto-Update: 2024-03-07T12:24:07.874550+00:00
2024-03-07 12:27:24 +00:00
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
Auto-Update: 2024-03-07T12:24:07.874550+00:00
2024-03-07 12:27:24 +00:00
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.9.0",
"matchCriteriaId": "94666C53-2515-42CF-9EE0-F3CD3B801751"
}
]
}
]
}
],
Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
"references": [
{
"url": "https://mattermost.com/security-updates/",
Auto-Update: 2024-03-07T12:24:07.874550+00:00
2024-03-07 12:27:24 +00:00
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
Auto-Update: 2023-04-25T15:08:22.739572+00:00
2023-04-25 17:08:25 +02:00
}
]
}
Reference in New Issue Copy Permalink