CVE-2023-5969 - Vulnerability Details - OpenCVE

Mattermost fails to properly sanitize the request to /api/v4/redirect_location allowing an attacker, sending a specially crafted request to /api/v4/redirect_location, to fill up the memory due to caching large items.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00111.

Key SSVC decision points have not yet been added.

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost:9.0.0:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-3048	Mattermost fails to properly sanitize the request to /api/v4/redirect_location allowing an attacker, sending a specially crafted request to /api/v4/redirect_location, to fill up the memory due to caching large items.
Github GHSA	GHSA-w496-f5qq-m58j	Mattermost vulnerable to excessive memory consumption

Fixes

Solution

Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3, 9.0.1 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-11-06T15:48:23.590Z

Updated: 2024-09-17T13:07:28.847Z

Reserved: 2023-11-06T15:45:39.602Z

Link: CVE-2023-5969

Vulnrichment

Updated: 2024-08-02T08:14:25.131Z

NVD

Status : Modified

Published: 2023-11-06T16:15:42.987

Modified: 2024-11-21T08:42:53.270

Link: CVE-2023-5969

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5969", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-11-06T15:45:39.602Z", "datePublished": "2023-11-06T15:48:23.590Z", "dateUpdated": "2024-09-17T13:07:28.847Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "7.8.11", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.0.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.2", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.0.0", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "7.8.12"}, {"status": "unaffected", "version": "8.0.4"}, {"status": "unaffected", "version": "8.1.3"}, {"status": "unaffected", "version": "9.0.1"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "vultza (vultza)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost fails to properly sanitize the request to /api/v4/redirect_location allowing an attacker, <span style=\"background-color: rgb(255, 255, 255);\">sending a specially crafted request to /api/v4/redirect_location, </span>to fill up the memory due to caching large items.</p>"}], "value": "Mattermost fails to properly sanitize the request to\u00a0/api/v4/redirect_location allowing an\u00a0attacker,\u00a0sending a specially crafted request to /api/v4/redirect_location,\u00a0to fill up the memory due to caching large items.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-06T15:48:23.590Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3, 9.0.1 or higher.</p>"}], "value": "Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3, 9.0.1 or higher.\n\n"}], "source": {"advisory": "MMSA-2023-00240", "defect": ["https://mattermost.atlassian.net/browse/MM-54218"], "discovery": "EXTERNAL"}, "title": " Denial of Service via Link Preview in /api/v4/redirect_location", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:25.131Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-04T13:21:56.442988Z", "id": "CVE-2023-5969", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T13:07:28.847Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:25.131Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-04T13:21:56.442988Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T13:07:24.641Z"}}], "cna": {"title": " Denial of Service via Link Preview in /api/v4/redirect_location", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-54218"], "advisory": "MMSA-2023-00240", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "vultza (vultza)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.8.11"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.0.3"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.1.2"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "9.0.0"}, {"status": "unaffected", "version": "7.8.12"}, {"status": "unaffected", "version": "8.0.4"}, {"status": "unaffected", "version": "8.1.3"}, {"status": "unaffected", "version": "9.0.1"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3, 9.0.1 or higher.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost Server to versions 7.8.12, 8.0.4, 8.1.3, 9.0.1 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Mattermost fails to properly sanitize the request to\u00a0/api/v4/redirect_location allowing an\u00a0attacker,\u00a0sending a specially crafted request to /api/v4/redirect_location,\u00a0to fill up the memory due to caching large items.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost fails to properly sanitize the request to /api/v4/redirect_location allowing an attacker, <span style=\"background-color: rgb(255, 255, 255);\">sending a specially crafted request to /api/v4/redirect_location, </span>to fill up the memory due to caching large items.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-06T15:48:23.590Z"}}}, "cveMetadata": {"cveId": "CVE-2023-5969", "state": "PUBLISHED", "dateUpdated": "2024-09-17T13:07:28.847Z", "dateReserved": "2023-11-06T15:45:39.602Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2023-11-06T15:48:23.590Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A8DD228-69E5-4BD3-8BF4-0BFDA61F9951", "versionEndIncluding": "7.8.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "154F3427-98C1-4D4F-BFA7-499E2FE8AEED", "versionEndIncluding": "8.0.3", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "19AC73DE-98C1-4653-BB69-C8ECB0E51D54", "versionEndIncluding": "8.1.2", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AEE8D64-761C-4223-B100-D5D6DFF8E331", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost fails to properly sanitize the request to\u00a0/api/v4/redirect_location allowing an\u00a0attacker,\u00a0sending a specially crafted request to /api/v4/redirect_location,\u00a0to fill up the memory due to caching large items.\n\n"}, {"lang": "es", "value": "Mattermost no puede sanitizar adecuadamente la solicitud a /api/v4/redirect_location, lo que permite que un atacante env\u00ede una solicitud especialmente manipulada a /api/v4/redirect_location para llenar la memoria debido al almacenamiento en cach\u00e9 de elementos grandes."}], "id": "CVE-2023-5969", "lastModified": "2024-11-21T08:42:53.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-06T16:15:42.987", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}