GHSA-9w4v-9c99-hv7r

Опубликовано: 24 мая 2022

Источник: github

Github: Прошло ревью

CVSS4: 4.9

CVSS3: 6.5

Описание

Mattermost Server exposes sensitive information via its System Console UI

An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.

Ссылки

Пакеты

Наименование

github.com/mattermost/mattermost-server

Затронутые версииВерсия исправления

< 3.0.0

3.0.0

EPSS

Процентиль: 55%

0.00327

Низкий

4.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2016-11078

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-11078

CVSS3: 6.5

nvd

больше 5 лет назад

An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.

CVE-2016-11078

CVSS3: 6.5

debian

больше 5 лет назад

An issue was discovered in Mattermost Server before 3.0.0. It potentia ...

EPSS

Процентиль: 55%

0.00327

Низкий

4.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2016-11078

Дефекты

CWE-200