csaf_certbund - wid-sec-w-2025-0905

wid-sec-w-2025-0905

Vulnerability from csaf_certbund

Published

2025-04-29 22:00

Modified

2025-06-11 22:00

Summary

Mattermost: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Mattermost ist ein webbasierter Instant-Messaging-Dienst.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um Sicherheitsmechanismen zu umgehen und Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Mattermost ist ein webbasierter Instant-Messaging-Dienst.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um Sicherheitsmechanismen zu umgehen und Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0905 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0905.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0905 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0905"
      },
      {
        "category": "external",
        "summary": "Mattermost Security Updates vom 2025-04-29",
        "url": "https://mattermost.com/security-updates/#server"
      }
    ],
    "source_lang": "en-US",
    "title": "Mattermost: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-12T06:13:38.695+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0905",
      "initial_release_date": "2025-04-29T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-04-29T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-06-11T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE, Bewertung und Beschreibung nach Ver\u00f6ffentlichung von Mattermost erg\u00e4nzt"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.11.13",
                "product": {
                  "name": "Mattermost Mattermost \u003c9.11.13",
                  "product_id": "T043220"
                }
              },
              {
                "category": "product_version",
                "name": "9.11.13",
                "product": {
                  "name": "Mattermost Mattermost 9.11.13",
                  "product_id": "T043220-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mattermost:mattermost_server:9.11.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.4",
                "product": {
                  "name": "Mattermost Mattermost \u003c10.5.4",
                  "product_id": "T043221"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.4",
                "product": {
                  "name": "Mattermost Mattermost 10.5.4",
                  "product_id": "T043221-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mattermost:mattermost_server:10.5.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.7.1",
                "product": {
                  "name": "Mattermost Mattermost \u003c10.7.1",
                  "product_id": "T043222"
                }
              },
              {
                "category": "product_version",
                "name": "10.7.1",
                "product": {
                  "name": "Mattermost Mattermost 10.7.1",
                  "product_id": "T043222-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mattermost:mattermost_server:10.7.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.8.0",
                "product": {
                  "name": "Mattermost Mattermost \u003c10.8.0",
                  "product_id": "T043223"
                }
              },
              {
                "category": "product_version",
                "name": "10.8.0",
                "product": {
                  "name": "Mattermost Mattermost 10.8.0",
                  "product_id": "T043223-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mattermost:mattermost_server:10.8.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.6.3",
                "product": {
                  "name": "Mattermost Mattermost \u003c10.6.3",
                  "product_id": "T043224"
                }
              },
              {
                "category": "product_version",
                "name": "10.6.3",
                "product": {
                  "name": "Mattermost Mattermost 10.6.3",
                  "product_id": "T043224-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mattermost:mattermost_server:10.6.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Mattermost"
          }
        ],
        "category": "vendor",
        "name": "Mattermost"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-1792",
      "product_status": {
        "known_affected": [
          "T043223",
          "T043224",
          "T043220",
          "T043221",
          "T043222"
        ]
      },
      "release_date": "2025-04-29T22:00:00.000+00:00",
      "title": "CVE-2025-1792"
    },
    {
      "cve": "CVE-2025-2571",
      "product_status": {
        "known_affected": [
          "T043223",
          "T043224",
          "T043220",
          "T043221",
          "T043222"
        ]
      },
      "release_date": "2025-04-29T22:00:00.000+00:00",
      "title": "CVE-2025-2571"
    },
    {
      "cve": "CVE-2025-3230",
      "product_status": {
        "known_affected": [
          "T043223",
          "T043224",
          "T043220",
          "T043221",
          "T043222"
        ]
      },
      "release_date": "2025-04-29T22:00:00.000+00:00",
      "title": "CVE-2025-3230"
    },
    {
      "cve": "CVE-2025-3611",
      "product_status": {
        "known_affected": [
          "T043223",
          "T043224",
          "T043220",
          "T043221",
          "T043222"
        ]
      },
      "release_date": "2025-04-29T22:00:00.000+00:00",
      "title": "CVE-2025-3611"
    },
    {
      "cve": "CVE-2025-3913",
      "product_status": {
        "known_affected": [
          "T043223",
          "T043224",
          "T043220",
          "T043221",
          "T043222"
        ]
      },
      "release_date": "2025-04-29T22:00:00.000+00:00",
      "title": "CVE-2025-3913"
    }
  ]
}

CVE-2025-2571 (GCVE-0-2025-2571)

Vulnerability from cvelistv5

Published

2025-05-30 14:22

Modified

2025-05-30 14:44

Severity ?

4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-303 - Incorrect Implementation of Authentication Algorithm

Summary

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.7.0 ≤ Version: 10.6.0 ≤ 10.6.2 Version: 10.5.0 ≤ 10.5.3 Version: 9.11.0 ≤ 9.11.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2571",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T14:44:27.228240Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T14:44:40.129Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "status": "affected",
              "version": "10.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.6.2",
              "status": "affected",
              "version": "10.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.5.3",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.12",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.8.0"
            },
            {
              "status": "unaffected",
              "version": "10.7.1"
            },
            {
              "status": "unaffected",
              "version": "10.6.3"
            },
            {
              "status": "unaffected",
              "version": "10.5.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.13"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "eAhmed"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.7.x \u0026lt;= 10.7.0, 10.6.x \u0026lt;= 10.6.2, 10.5.x \u0026lt;= 10.5.3, 9.11.x \u0026lt;= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-303",
              "description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-30T14:22:08.913Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00458",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63341"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Google OAuth Authentication Bypass for Converted Bot Accounts",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-2571",
    "datePublished": "2025-05-30T14:22:08.913Z",
    "dateReserved": "2025-03-20T20:10:48.601Z",
    "dateUpdated": "2025-05-30T14:44:40.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3611 (GCVE-0-2025-3611)

Vulnerability from cvelistv5

Published

2025-05-30 14:22

Modified

2025-05-30 14:37

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with 'No access' to Teams in the System Console.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.7.0 ≤ Version: 10.5.0 ≤ 10.5.3 Version: 9.11.0 ≤ 9.11.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3611",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T14:37:28.621750Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T14:37:42.109Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "status": "affected",
              "version": "10.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.5.3",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.12",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.8.0"
            },
            {
              "status": "unaffected",
              "version": "10.7.1"
            },
            {
              "status": "unaffected",
              "version": "10.5.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.13"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "hackit_bharat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.7.x \u0026lt;= 10.7.0, 10.5.x \u0026lt;= 10.5.3, 9.11.x \u0026lt;= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with \u0027No access\u0027 to Teams in the System Console.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with \u0027No access\u0027 to Teams in the System Console."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-30T14:22:09.854Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.8.0, 10.7.1, 10.5.4, 9.11.13 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.8.0, 10.7.1, 10.5.4, 9.11.13 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00462",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63377"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Improper Access Control in Mattermost allows System Managers to view team details despite role restrictions",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-3611",
    "datePublished": "2025-05-30T14:22:09.854Z",
    "dateReserved": "2025-04-14T20:40:50.972Z",
    "dateUpdated": "2025-05-30T14:37:42.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3230 (GCVE-0-2025-3230)

Vulnerability from cvelistv5

Published

2025-05-30 14:22

Modified

2025-05-30 14:42

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-303 - Incorrect Implementation of Authentication Algorithm

Summary

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.7.0 ≤ Version: 10.6.0 ≤ 10.6.2 Version: 10.5.0 ≤ 10.5.3 Version: 9.11.0 ≤ 9.11.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3230",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T14:42:24.325076Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T14:42:40.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "status": "affected",
              "version": "10.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.6.2",
              "status": "affected",
              "version": "10.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.5.3",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.12",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.8.0"
            },
            {
              "status": "unaffected",
              "version": "10.7.1"
            },
            {
              "status": "unaffected",
              "version": "10.6.3"
            },
            {
              "status": "unaffected",
              "version": "10.5.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.13"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "eAhmed"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.7.x \u0026lt;= 10.7.0, 10.6.x \u0026lt;= 10.6.2, 10.5.x \u0026lt;= 10.5.3, 9.11.x \u0026lt;= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-303",
              "description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-30T14:22:09.392Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00463",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63479"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Bypass of System Admin User Deactivation Controls for Personal Access Tokens in Mattermost Server",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-3230",
    "datePublished": "2025-05-30T14:22:09.392Z",
    "dateReserved": "2025-04-03T15:46:34.595Z",
    "dateUpdated": "2025-05-30T14:42:40.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1792 (GCVE-0-2025-1792)

Vulnerability from cvelistv5

Published

2025-05-30 14:22

Modified

2025-06-12 17:07

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.5.0 ≤ 10.5.3 Version: 9.11.0 ≤ 9.11.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1792",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T14:46:35.551696Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T14:46:44.282Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.5.3",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.12",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.8.0"
            },
            {
              "status": "unaffected",
              "version": "10.5.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.13"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bob10x1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.7.x \u0026lt;= 10.7.0, 10.5.x \u0026lt;= 10.5.3, 9.11.x \u0026lt;= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-12T17:07:00.539Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.8.0, 10.7.1, 10.5.4, 9.11.13 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.8.0, 10.7.1, 10.5.4, 9.11.13 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00457",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63315"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Improper Access Control in Mattermost Channel Member API",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-1792",
    "datePublished": "2025-05-30T14:22:08.404Z",
    "dateReserved": "2025-02-28T17:40:40.314Z",
    "dateUpdated": "2025-06-12T17:07:00.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3913 (GCVE-0-2025-3913)

Vulnerability from cvelistv5

Published

2025-05-29 15:10

Modified

2025-05-29 15:43

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-863 - Incorrect Authorization

Summary

Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy endpoint.

References

►

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 10.7.0 ≤ Version: 10.6.0 ≤ 10.6.2 Version: 10.5.0 ≤ 10.5.3 Version: 9.11.0 ≤ 9.11.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-29T15:43:05.744930Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T15:43:16.437Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "status": "affected",
              "version": "10.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.6.2",
              "status": "affected",
              "version": "10.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.5.3",
              "status": "affected",
              "version": "10.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.12",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.8.0"
            },
            {
              "status": "unaffected",
              "version": "10.7.1"
            },
            {
              "status": "unaffected",
              "version": "10.6.3"
            },
            {
              "status": "unaffected",
              "version": "10.5.4"
            },
            {
              "status": "unaffected",
              "version": "9.11.13"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "omarAhmed1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 10.7.x \u0026lt;= 10.7.0, 10.6.x \u0026lt;= 10.6.2, 10.5.x \u0026lt;= 10.5.3, 9.11.x \u0026lt;= 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the \u0027invite user\u0027 permission to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy endpoint.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the \u0027invite user\u0027 permission to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy endpoint."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-29T15:10:36.914Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.8.0, 10.7.1, 10.6.3, 10.5.4, 9.11.13 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2025-00467",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-63589"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Team Privacy Settings Authorization Bypass in Mattermost Server",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-3913",
    "datePublished": "2025-05-29T15:10:36.914Z",
    "dateReserved": "2025-04-23T23:15:35.771Z",
    "dateUpdated": "2025-05-29T15:43:16.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2025-0905

Vulnerability from csaf_certbund

CVE-2025-2571 (GCVE-0-2025-2571)

Vulnerability from cvelistv5

CVE-2025-3611 (GCVE-0-2025-3611)

Vulnerability from cvelistv5

CVE-2025-3230 (GCVE-0-2025-3230)

Vulnerability from cvelistv5

CVE-2025-1792 (GCVE-0-2025-1792)

Vulnerability from cvelistv5

CVE-2025-3913 (GCVE-0-2025-3913)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature