Vulnerability Details CVE-2019-20889
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles permissions for user-access token creation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2019-20889
-
cpe:2.3:a:mattermost:mattermost_server:4.10.0
-
cpe:2.3:a:mattermost:mattermost_server:4.10.1
-
cpe:2.3:a:mattermost:mattermost_server:4.10.2
-
cpe:2.3:a:mattermost:mattermost_server:4.10.3
-
cpe:2.3:a:mattermost:mattermost_server:4.10.4
-
cpe:2.3:a:mattermost:mattermost_server:5.5.0
-
cpe:2.3:a:mattermost:mattermost_server:5.5.1
-
cpe:2.3:a:mattermost:mattermost_server:5.6.0
-
cpe:2.3:a:mattermost:mattermost_server:5.6.1
-
cpe:2.3:a:mattermost:mattermost_server:5.6.2
-
cpe:2.3:a:mattermost:mattermost_server:5.7.0