CVE-2023-2787 - Vulnerability Details - OpenCVE

Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00141.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost:7.10.0:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-34243	Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.

Fixes

Solution

Update Mattermost to version v7.1.10, v7.8.5, v7.9.4, v7.10.1, or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates/

History

Fri, 06 Dec 2024 23:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-06-16T08:55:39.391Z

Updated: 2024-12-06T23:03:17.719Z

Reserved: 2023-05-18T11:46:01.638Z

Link: CVE-2023-2787

Vulnrichment

Updated: 2024-08-02T06:33:05.738Z

NVD

Status : Modified

Published: 2023-06-16T09:15:09.920

Modified: 2024-11-21T07:59:17.380

Link: CVE-2023-2787

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2787", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-05-18T11:46:01.638Z", "datePublished": "2023-06-16T08:55:39.391Z", "dateUpdated": "2024-12-06T23:03:17.719Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "7.9.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.8.4", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.1.9", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "affected", "version": "7.10.0"}, {"status": "unaffected", "version": "7.9.3"}, {"status": "unaffected", "version": "7.8.4"}, {"status": "unaffected", "version": "7.1.9"}, {"status": "unaffected", "version": "7.10.1"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Juho Nurminen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.</div>"}], "value": "Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-06-16T08:55:39.391Z"}, "references": [{"url": "https://mattermost.com/security-updates/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update Mattermost to version v7.1.10, v7.8.5, v7.9.4, v7.10.1, or higher.<br>"}], "value": "Update Mattermost to version v7.1.10, v7.8.5, v7.9.4, v7.10.1, or higher.\n"}], "source": {"advisory": "MMSA-2023-00164", "defect": ["https://mattermost.atlassian.net/browse/MM-50568"], "discovery": "INTERNAL"}, "title": "Collapsed Reply Threads APIs leak message contents from private channels", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.738Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-06T22:51:25.728878Z", "id": "CVE-2023-2787", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-06T23:03:17.719Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.738Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-2787", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-06T22:51:25.728878Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-06T22:51:27.190Z"}}], "cna": {"title": "Collapsed Reply Threads APIs leak message contents from private channels", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-50568"], "advisory": "MMSA-2023-00164", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Juho Nurminen"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.9.3"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.8.4"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.1.9"}, {"status": "affected", "version": "7.10.0"}, {"status": "unaffected", "version": "7.9.3"}, {"status": "unaffected", "version": "7.8.4"}, {"status": "unaffected", "version": "7.1.9"}, {"status": "unaffected", "version": "7.10.1"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost to version v7.1.10, v7.8.5, v7.9.4, v7.10.1, or higher.\n", "supportingMedia": [{"type": "text/html", "value": "Update Mattermost to version v7.1.10, v7.8.5, v7.9.4, v7.10.1, or higher.<br>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.\n\n", "supportingMedia": [{"type": "text/html", "value": "<div>Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.</div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-06-16T08:55:39.391Z"}}}, "cveMetadata": {"cveId": "CVE-2023-2787", "state": "PUBLISHED", "dateUpdated": "2024-12-06T23:03:17.719Z", "dateReserved": "2023-05-18T11:46:01.638Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2023-06-16T08:55:39.391Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD", "versionEndIncluding": "7.1.9", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F", "versionEndIncluding": "7.8.4", "versionStartIncluding": "7.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3", "versionEndIncluding": "7.9.3", "versionStartIncluding": "7.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost fails to check channel membership when accessing message threads, allowing an attacker to access arbitrary posts by using the message threads API.\n\n"}], "id": "CVE-2023-2787", "lastModified": "2024-11-21T07:59:17.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-16T09:15:09.920", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates/"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}