Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Server  >> 4.8.2  Security Vulnerabilities
CVE-2019-20842
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
CVSS Score
7.2
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20843
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20844
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An attacker can spoof a direct-message channel by changing the type of a channel.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-06-19
CVE-2019-20845
An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2019-20846
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20847
An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSocket event to any channel.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved