CVE-2023-3587

CVSS 3.1 Score 9.4 of 10 (high)

Details

Published Jul 17, 2023

Updated: Jul 27, 2023

CWE ID 787

Summary

CVE-2023-3587 is a vulnerability affecting Mattermost, an open-source collaborative messaging platform. The issue arises due to a failure in the UI to accurately reflect changes in board permissions. Consequently, a system admin can modify board state settings, granting editor access to any user with a valid sharing link, without the updated permissions being visible in the UI. This vulnerability poses a risk to the security and integrity of Mattermost boards.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SAP Web Dispatcher

Affected Vendors

SAP SE

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r8yGO-
https://www.cve.org/CVERecord?id=CVE-2023-3587
https://nvd.nist.gov/vuln/detail/CVE-2023-3587

Back to Vulnerability Database