CVE-2023-6202 - Vulnerability Details - OpenCVE

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00134.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mattermost	Mattermost

Configuration 1 [-]

OR	cpe:2.3:a:mattermost:mattermost::::::::
	cpe:2.3:a:mattermost:mattermost::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-2916	Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.
Github GHSA	GHSA-85jj-c9jr-9jhx	Mattermost Improper Access Control vulnerability

Fixes

Solution

Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

Fri, 11 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2023-11-27T09:12:04.786Z

Updated: 2024-10-11T17:58:15.479Z

Reserved: 2023-11-20T12:24:12.551Z

Link: CVE-2023-6202

Vulnrichment

Updated: 2024-08-02T08:21:17.904Z

NVD

Status : Modified

Published: 2023-11-27T10:15:08.677

Modified: 2024-11-21T08:43:21.570

Link: CVE-2023-6202

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6202", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2023-11-20T12:24:12.551Z", "datePublished": "2023-11-27T09:12:04.786Z", "dateUpdated": "2024-10-11T17:58:15.479Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "7.8.12", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "8.1.3", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.0.1", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThanOrEqual": "9.1.0", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "9.0.2"}, {"status": "unaffected", "version": "9.1.1"}, {"status": "unaffected", "version": "7.8.13"}, {"status": "unaffected", "version": "8.1.4"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows t<span style=\"background-color: rgb(255, 255, 255);\">he ID of another user </span>to get their information (e.g. name, surname, nickname) via Mattermost Boards.</p>"}], "value": "Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user\u00a0to get their information (e.g. name, surname, nickname) via Mattermost Boards.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-27T09:12:04.786Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.</p>"}], "value": "Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.\n\n"}], "source": {"advisory": "MMSA-2023-00254", "defect": ["https://mattermost.atlassian.net/browse/MM-54365"], "discovery": "EXTERNAL"}, "title": "Insecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost Boards", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.904Z"}, "title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-11T17:51:36.345798Z", "id": "CVE-2023-6202", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T17:58:15.479Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://mattermost.com/security-updates", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.904Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6202", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-11T17:51:36.345798Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T17:52:44.104Z"}}], "cna": {"title": "Insecure Direct Object Reference in /plugins/focalboard/ api/v2/users of Mattermost Boards", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-54365"], "advisory": "MMSA-2023-00254", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "DoyenSec"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.8.12"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.1.3"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "9.0.1"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "9.1.0"}, {"status": "unaffected", "version": "9.0.2"}, {"status": "unaffected", "version": "9.1.1"}, {"status": "unaffected", "version": "7.8.13"}, {"status": "unaffected", "version": "8.1.4"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost Server to versions 9.0.2, 9.1.1, 7.8.13, 8.1.4 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user\u00a0to get their information (e.g. name, surname, nickname) via Mattermost Boards.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows t<span style=\"background-color: rgb(255, 255, 255);\">he ID of another user </span>to get their information (e.g. name, surname, nickname) via Mattermost Boards.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2023-11-27T09:12:04.786Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6202", "state": "PUBLISHED", "dateUpdated": "2024-10-11T17:58:15.479Z", "dateReserved": "2023-11-20T12:24:12.551Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2023-11-27T09:12:04.786Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAEFCB9C-4CFC-4C2D-B53D-4A1E9B54E744", "versionEndIncluding": "7.8.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CFE72E8-D2A6-4994-88F6-2B04DB413631", "versionEndIncluding": "8.1.3", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user\u00a0to get their information (e.g. name, surname, nickname) via Mattermost Boards.\n\n"}, {"lang": "es", "value": "Mattermost no realiza la autorizaci\u00f3n adecuada en el endpoint /plugins/focalboard/api/v2/users, lo que permite a un atacante que es un usuario invitado y conoce el ID de otro usuario obtener su informaci\u00f3n (por ejemplo, nombre, apellido, apodo) a trav\u00e9s de Mattermost Boards."}], "id": "CVE-2023-6202", "lastModified": "2024-11-21T08:43:21.570", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-27T10:15:08.677", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}