Shodan
Vulnerabilities
Vulnerable Software
Mattermost:  >> Mattermost Server  Security Vulnerabilities
CVE-2019-20885
An issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt file.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2019-20886
An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-19
CVE-2019-20887
An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not honor flags API permissions when deciding whether a user can receive intra-team posts.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-06-19
CVE-2019-20888
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-19
CVE-2017-18875
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can create arbitrary files.
CVSS Score
4.9
EPSS Score
0.002
Published
2020-06-19
CVE-2017-18876
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file.
CVSS Score
4.9
EPSS Score
0.003
Published
2020-06-19
CVE-2017-18877
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. XSS attacks could occur against an OAuth 2.0 allow/deny page.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-06-19
CVE-2018-21248
An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-06-19
CVE-2018-21249
An issue was discovered in Mattermost Server before 5.3.0. It mishandles timing.
CVSS Score
3.7
EPSS Score
0.002
Published
2020-06-19
CVE-2018-21250
An issue was discovered in Mattermost Server before 5.2.2, 5.1.2, and 4.10.4. It allows remote attackers to cause a denial of service (memory consumption) via crafted image dimensions.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-06-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved