Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2023-09-29T09:21:37.828Z
Updated: 2024-08-02T07:52:07.464Z
Reserved: 2023-09-25T11:36:21.829Z
Link: CVE-2023-5159
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-29T10:15:10.530
Modified: 2023-10-03T17:18:32.967
Link: CVE-2023-5159
Redhat
No data.