CVE-2023-5967 - Vulnerability Details - OpenCVE

Description

Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin

Published: 2023-11-06

Score: 4.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Mattermost

Mattermost

unaffected

Version	Status	Constraints
`0`	affected	≤ 8.1.2
`0`	affected	≤ 8.0.3
`0`	affected	≤ 7.8.11
`8.1.3`	unaffected	—
`8.0.4`	unaffected	—
`7.8.12`	unaffected	—

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::

No data.

No data available yet.

Remediation

Vendor Solution

Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3 or higher. Alternatively, upgrade the Calls plugin to 0.17.1 or higher.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-3066	Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin
Github GHSA	GHSA-xvq6-h898-wcj8	Mattermost denial of service vulnerability

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00098.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://mattermost.com/security-updates

History

No history.

Subscriptions

Mattermost Mattermost

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-11-06T15:24:24.544Z

Updated: 2024-09-12T19:30:12.159Z

Reserved: 2023-11-06T15:14:58.458Z

Link: CVE-2023-5967

Vulnrichment

Updated: 2024-08-02T08:14:25.127Z

NVD

Status : Modified

Published: 2023-11-06T16:15:42.810

Modified: 2024-11-21T08:42:53.007

Link: CVE-2023-5967

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-754

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5967", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-11-06T15:14:58.458Z", "datePublished": "2023-11-06T15:24:24.544Z", "dateUpdated": "2024-09-12T19:30:12.159Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "8.1.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.0.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.8.11", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "8.1.3"}, {"status": "unaffected", "version": "8.0.4"}, {"status": "unaffected", "version": "7.8.12"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin</p>"}], "value": "Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-06T15:24:24.544Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p> Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3 or higher. Alternatively, upgrade the Calls plugin to 0.17.1 or higher. </p>"}], "value": "\u00a0Update Mattermost Server to versions\u00a07.8.12,\u00a08.0.4,\u00a08.1.3\u00a0or higher. Alternatively, upgrade the Calls plugin to\u00a00.17.1 or higher.\u00a0\n\n"}], "source": {"advisory": "MMSA-2023-00246", "defect": ["https://mattermost.atlassian.net/browse/MM-54361"], "discovery": "EXTERNAL"}, "title": "Denial of Service via crashing the Calls Plugin", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:25.127Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-04T13:35:03.670044Z", "id": "CVE-2023-5967", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T19:30:12.159Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5967", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-11-06T15:14:58.458Z", "datePublished": "2023-11-06T15:24:24.544Z", "dateUpdated": "2024-09-12T19:30:12.159Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "8.1.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.0.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "7.8.11", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "8.1.3"}, {"status": "unaffected", "version": "8.0.4"}, {"status": "unaffected", "version": "7.8.12"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin</p>"}], "value": "Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-06T15:24:24.544Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p> Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3 or higher. Alternatively, upgrade the Calls plugin to 0.17.1 or higher. </p>"}], "value": "\u00a0Update Mattermost Server to versions\u00a07.8.12,\u00a08.0.4,\u00a08.1.3\u00a0or higher. Alternatively, upgrade the Calls plugin to\u00a00.17.1 or higher.\u00a0\n\n"}], "source": {"advisory": "MMSA-2023-00246", "defect": ["https://mattermost.atlassian.net/browse/MM-54361"], "discovery": "EXTERNAL"}, "title": "Denial of Service via crashing the Calls Plugin", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:25.127Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5967", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-04T13:35:03.670044Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T19:30:07.406Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A8DD228-69E5-4BD3-8BF4-0BFDA61F9951", "versionEndIncluding": "7.8.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "154F3427-98C1-4D4F-BFA7-499E2FE8AEED", "versionEndIncluding": "8.0.3", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "19AC73DE-98C1-4653-BB69-C8ECB0E51D54", "versionEndIncluding": "8.1.2", "versionStartIncluding": "8.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin\n\n"}, {"lang": "es", "value": "Mattermost no valida correctamente las solicitudes al complemento Calls, lo que permite que un atacante que env\u00ede una solicitud sin un encabezado de Agente de Usuario cause p\u00e1nico y bloquee el complemento Calls."}], "id": "CVE-2023-5967", "lastModified": "2024-11-21T08:42:53.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-06T16:15:42.810", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}