CVE-2025-27936 - Vulnerability Details - OpenCVE

Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00038.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-11359	Mattermost vulnerable to Observable Timing Discrepancy
Github GHSA	GHSA-2j87-p623-8cc2	Mattermost vulnerable to Observable Timing Discrepancy

Fixes

Solution

Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://mattermost.com/security-updates

History

Wed, 16 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 16 Apr 2025 09:30:00 +0000

Type	Values Removed	Values Added
Description		Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison.
Title		Webhook Secret Exposure via Timing attack in MSteams plugin
Weaknesses		CWE-208
References		https://mattermost.com/security-updates
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: Mattermost

Published: 2025-04-16T09:14:55.095Z

Updated: 2025-04-16T14:32:45.176Z

Reserved: 2025-04-08T11:14:14.689Z

Link: CVE-2025-27936

Vulnrichment

Updated: 2025-04-16T14:22:49.604Z

NVD

Status : Awaiting Analysis

Published: 2025-04-16T10:15:14.797

Modified: 2025-04-16T13:25:37.340

Link: CVE-2025-27936

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-27936", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2025-04-08T11:14:14.689Z", "datePublished": "2025-04-16T09:14:55.095Z", "dateUpdated": "2025-04-16T14:32:45.176Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "10.5.1", "status": "affected", "version": "10.5.0", "versionType": "semver"}, {"status": "unaffected", "version": "10.6.0"}, {"status": "unaffected", "version": "10.5.2"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Juho Fors\u00e9n"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Mattermost Plugin MSTeams versions <<span style=\"background-color: rgb(255, 255, 255);\">2.1.0 and Mattermost Server </span>versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison. </p>"}], "value": "Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server\u00a0versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows\u00a0an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-208", "description": "CWE-208: Observable Timing Discrepancy", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-04-16T09:14:55.095Z"}, "references": [{"url": "https://mattermost.com/security-updates"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher.</p>"}], "value": "Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher."}], "source": {"advisory": "MMSA-2025-00450", "defect": ["https://mattermost.atlassian.net/browse/MM-63147"], "discovery": "INTERNAL"}, "title": "Webhook Secret Exposure via Timing attack in MSteams plugin", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-16T14:19:16.252929Z", "id": "CVE-2025-27936", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:32:45.176Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-27936", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-16T14:19:16.252929Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:22:49.604Z"}}], "cna": {"title": "Webhook Secret Exposure via Timing attack in MSteams plugin", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-63147"], "advisory": "MMSA-2025-00450", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Juho Fors\u00e9n"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "10.5.0", "versionType": "semver", "lessThanOrEqual": "10.5.1"}, {"status": "unaffected", "version": "10.6.0"}, {"status": "unaffected", "version": "10.5.2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Mattermost Plugin MSTeams to version 2.1.1 or Mattermost Server to versions 10.6.0, 10.5.2 or higher.</p>", "base64": false}]}], "references": [{"url": "https://mattermost.com/security-updates"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Mattermost Plugin MSTeams versions <2.1.0 and Mattermost Server\u00a0versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows\u00a0an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison.", "supportingMedia": [{"type": "text/html", "value": "<p>Mattermost Plugin MSTeams versions <<span style=\"background-color: rgb(255, 255, 255);\">2.1.0 and Mattermost Server </span>versions 10.5.x <=10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack during webhook secret comparison. </p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-208", "description": "CWE-208: Observable Timing Discrepancy"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2025-04-16T09:14:55.095Z"}}}, "cveMetadata": {"cveId": "CVE-2025-27936", "state": "PUBLISHED", "dateUpdated": "2025-04-16T14:32:45.176Z", "dateReserved": "2025-04-08T11:14:14.689Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2025-04-16T09:14:55.095Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.1"}