CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-21263

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2018-21263

Mattermost » Mattermost Server » Version: N/A

cpe:2.3:a:mattermost:mattermost_server:-
Mattermost » Mattermost Server » Version: 0.5.0

cpe:2.3:a:mattermost:mattermost_server:0.5.0
Mattermost » Mattermost Server » Version: 0.6.0

cpe:2.3:a:mattermost:mattermost_server:0.6.0
Mattermost » Mattermost Server » Version: 1.0.0

cpe:2.3:a:mattermost:mattermost_server:1.0.0
Mattermost » Mattermost Server » Version: 1.1.0

cpe:2.3:a:mattermost:mattermost_server:1.1.0
Mattermost » Mattermost Server » Version: 1.1.1

cpe:2.3:a:mattermost:mattermost_server:1.1.1
Mattermost » Mattermost Server » Version: 1.2.0

cpe:2.3:a:mattermost:mattermost_server:1.2.0
Mattermost » Mattermost Server » Version: 1.2.1

cpe:2.3:a:mattermost:mattermost_server:1.2.1
Mattermost » Mattermost Server » Version: 1.3.0

cpe:2.3:a:mattermost:mattermost_server:1.3.0
Mattermost » Mattermost Server » Version: 1.4.0

cpe:2.3:a:mattermost:mattermost_server:1.4.0
Mattermost » Mattermost Server » Version: 2.0.0

cpe:2.3:a:mattermost:mattermost_server:2.0.0
Mattermost » Mattermost Server » Version: 2.1.0

cpe:2.3:a:mattermost:mattermost_server:2.1.0
Mattermost » Mattermost Server » Version: 2.2.0

cpe:2.3:a:mattermost:mattermost_server:2.2.0
Mattermost » Mattermost Server » Version: 3.0.0

cpe:2.3:a:mattermost:mattermost_server:3.0.0
Mattermost » Mattermost Server » Version: 3.0.1

cpe:2.3:a:mattermost:mattermost_server:3.0.1
Mattermost » Mattermost Server » Version: 3.0.2

cpe:2.3:a:mattermost:mattermost_server:3.0.2
Mattermost » Mattermost Server » Version: 3.0.3

cpe:2.3:a:mattermost:mattermost_server:3.0.3
Mattermost » Mattermost Server » Version: 3.1.0

cpe:2.3:a:mattermost:mattermost_server:3.1.0
Mattermost » Mattermost Server » Version: 3.10.0

cpe:2.3:a:mattermost:mattermost_server:3.10.0
Mattermost » Mattermost Server » Version: 3.10.1

cpe:2.3:a:mattermost:mattermost_server:3.10.1
Mattermost » Mattermost Server » Version: 3.10.2

cpe:2.3:a:mattermost:mattermost_server:3.10.2
Mattermost » Mattermost Server » Version: 3.10.3

cpe:2.3:a:mattermost:mattermost_server:3.10.3
Mattermost » Mattermost Server » Version: 3.2.0

cpe:2.3:a:mattermost:mattermost_server:3.2.0
Mattermost » Mattermost Server » Version: 3.3.0

cpe:2.3:a:mattermost:mattermost_server:3.3.0
Mattermost » Mattermost Server » Version: 3.4.0

cpe:2.3:a:mattermost:mattermost_server:3.4.0
Mattermost » Mattermost Server » Version: 3.5.0

cpe:2.3:a:mattermost:mattermost_server:3.5.0
Mattermost » Mattermost Server » Version: 3.5.1

cpe:2.3:a:mattermost:mattermost_server:3.5.1
Mattermost » Mattermost Server » Version: 3.5.2

cpe:2.3:a:mattermost:mattermost_server:3.5.2
Mattermost » Mattermost Server » Version: 3.5.3

cpe:2.3:a:mattermost:mattermost_server:3.5.3
Mattermost » Mattermost Server » Version: 3.6.0

cpe:2.3:a:mattermost:mattermost_server:3.6.0
Mattermost » Mattermost Server » Version: 3.6.1

cpe:2.3:a:mattermost:mattermost_server:3.6.1
Mattermost » Mattermost Server » Version: 3.6.2

cpe:2.3:a:mattermost:mattermost_server:3.6.2
Mattermost » Mattermost Server » Version: 3.6.3

cpe:2.3:a:mattermost:mattermost_server:3.6.3
Mattermost » Mattermost Server » Version: 3.6.4

cpe:2.3:a:mattermost:mattermost_server:3.6.4
Mattermost » Mattermost Server » Version: 3.6.5

cpe:2.3:a:mattermost:mattermost_server:3.6.5
Mattermost » Mattermost Server » Version: 3.6.6

cpe:2.3:a:mattermost:mattermost_server:3.6.6
Mattermost » Mattermost Server » Version: 3.6.7

cpe:2.3:a:mattermost:mattermost_server:3.6.7
Mattermost » Mattermost Server » Version: 3.7.0

cpe:2.3:a:mattermost:mattermost_server:3.7.0
Mattermost » Mattermost Server » Version: 3.7.1

cpe:2.3:a:mattermost:mattermost_server:3.7.1
Mattermost » Mattermost Server » Version: 3.7.2

cpe:2.3:a:mattermost:mattermost_server:3.7.2
Mattermost » Mattermost Server » Version: 3.7.3

cpe:2.3:a:mattermost:mattermost_server:3.7.3
Mattermost » Mattermost Server » Version: 3.7.4

cpe:2.3:a:mattermost:mattermost_server:3.7.4
Mattermost » Mattermost Server » Version: 3.7.5

cpe:2.3:a:mattermost:mattermost_server:3.7.5
Mattermost » Mattermost Server » Version: 3.7.6

cpe:2.3:a:mattermost:mattermost_server:3.7.6
Mattermost » Mattermost Server » Version: 3.8.0

cpe:2.3:a:mattermost:mattermost_server:3.8.0
Mattermost » Mattermost Server » Version: 3.8.1

cpe:2.3:a:mattermost:mattermost_server:3.8.1
Mattermost » Mattermost Server » Version: 3.8.2

cpe:2.3:a:mattermost:mattermost_server:3.8.2
Mattermost » Mattermost Server » Version: 3.8.3

cpe:2.3:a:mattermost:mattermost_server:3.8.3
Mattermost » Mattermost Server » Version: 3.9.0

cpe:2.3:a:mattermost:mattermost_server:3.9.0
Mattermost » Mattermost Server » Version: 3.9.1

cpe:2.3:a:mattermost:mattermost_server:3.9.1
Mattermost » Mattermost Server » Version: 3.9.2

cpe:2.3:a:mattermost:mattermost_server:3.9.2
Mattermost » Mattermost Server » Version: 4.0.0

cpe:2.3:a:mattermost:mattermost_server:4.0.0
Mattermost » Mattermost Server » Version: 4.0.1

cpe:2.3:a:mattermost:mattermost_server:4.0.1
Mattermost » Mattermost Server » Version: 4.0.2

cpe:2.3:a:mattermost:mattermost_server:4.0.2
Mattermost » Mattermost Server » Version: 4.0.3

cpe:2.3:a:mattermost:mattermost_server:4.0.3
Mattermost » Mattermost Server » Version: 4.0.4

cpe:2.3:a:mattermost:mattermost_server:4.0.4
Mattermost » Mattermost Server » Version: 4.0.5

cpe:2.3:a:mattermost:mattermost_server:4.0.5
Mattermost » Mattermost Server » Version: 4.1.0

cpe:2.3:a:mattermost:mattermost_server:4.1.0
Mattermost » Mattermost Server » Version: 4.1.1

cpe:2.3:a:mattermost:mattermost_server:4.1.1
Mattermost » Mattermost Server » Version: 4.1.2

cpe:2.3:a:mattermost:mattermost_server:4.1.2
Mattermost » Mattermost Server » Version: 4.2.0

cpe:2.3:a:mattermost:mattermost_server:4.2.0
Mattermost » Mattermost Server » Version: 4.2.1

cpe:2.3:a:mattermost:mattermost_server:4.2.1
Mattermost » Mattermost Server » Version: 4.2.2

cpe:2.3:a:mattermost:mattermost_server:4.2.2
Mattermost » Mattermost Server » Version: 4.3.0

cpe:2.3:a:mattermost:mattermost_server:4.3.0
Mattermost » Mattermost Server » Version: 4.3.1

cpe:2.3:a:mattermost:mattermost_server:4.3.1
Mattermost » Mattermost Server » Version: 4.3.2

cpe:2.3:a:mattermost:mattermost_server:4.3.2
Mattermost » Mattermost Server » Version: 4.3.3

cpe:2.3:a:mattermost:mattermost_server:4.3.3
Mattermost » Mattermost Server » Version: 4.3.4

cpe:2.3:a:mattermost:mattermost_server:4.3.4
Mattermost » Mattermost Server » Version: 4.4.0

cpe:2.3:a:mattermost:mattermost_server:4.4.0
Mattermost » Mattermost Server » Version: 4.4.1

cpe:2.3:a:mattermost:mattermost_server:4.4.1
Mattermost » Mattermost Server » Version: 4.4.2

cpe:2.3:a:mattermost:mattermost_server:4.4.2
Mattermost » Mattermost Server » Version: 4.4.3

cpe:2.3:a:mattermost:mattermost_server:4.4.3
Mattermost » Mattermost Server » Version: 4.4.4

cpe:2.3:a:mattermost:mattermost_server:4.4.4
Mattermost » Mattermost Server » Version: 4.4.5

cpe:2.3:a:mattermost:mattermost_server:4.4.5
Mattermost » Mattermost Server » Version: 4.5.0

cpe:2.3:a:mattermost:mattermost_server:4.5.0
Mattermost » Mattermost Server » Version: 4.5.1

cpe:2.3:a:mattermost:mattermost_server:4.5.1
Mattermost » Mattermost Server » Version: 4.6.0

cpe:2.3:a:mattermost:mattermost_server:4.6.0
Mattermost » Mattermost Server » Version: 4.6.1

cpe:2.3:a:mattermost:mattermost_server:4.6.1
Mattermost » Mattermost Server » Version: 4.7.0

cpe:2.3:a:mattermost:mattermost_server:4.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-21263

Products

Pricing

Contact Us