Vulnerability Details CVE-2017-18918
An issue was discovered in Mattermost Server before 3.7.3 and 3.6.5. A System Administrator can place a SAML certificate at an arbitrary pathname.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.9%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.0
Products affected by CVE-2017-18918
-
cpe:2.3:a:mattermost:mattermost_server:3.6.0
-
cpe:2.3:a:mattermost:mattermost_server:3.6.1
-
cpe:2.3:a:mattermost:mattermost_server:3.6.2
-
cpe:2.3:a:mattermost:mattermost_server:3.6.3
-
cpe:2.3:a:mattermost:mattermost_server:3.6.4
-
cpe:2.3:a:mattermost:mattermost_server:3.7.0
-
cpe:2.3:a:mattermost:mattermost_server:3.7.1
-
cpe:2.3:a:mattermost:mattermost_server:3.7.2