Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Server  >> 1.2.0  Security Vulnerabilities
CVE-2017-18872
An issue was discovered in Mattermost Server before 4.4.3 and 4.3.3. Attackers could reconfigure an OAuth app in some cases where Mattermost is an OAuth 2.0 service provider.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2017-18873
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to cause a denial of service (channel invisibility) via a misformatted post.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-06-19
CVE-2018-21252
An issue was discovered in Mattermost Server before 5.2, 5.1.1, 5.0.3, and 4.10.3. Attackers could use multiple e-mail addresses to bypass a domain-based policy for signups.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2018-21256
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for group-message channel creation) via the Group message slash command.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2018-21264
An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response.
CVSS Score
8.8
EPSS Score
0.005
Published
2020-06-19
CVE-2019-20890
An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discovery restrictions.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-19
CVE-2018-21262
An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2018-21263
An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response.
CVSS Score
8.8
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20875
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a password reset to proceed while an e-mail address is being changed.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20876
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Users can deactivate themselves, bypassing a policy.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved