CVE-2023-4106

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 11, 2023

Updated: Aug 15, 2023

CWE ID 120

Summary

CVE-2023-4106 is a vulnerability affecting Mattermost that allows guests to bypass access restrictions on public playbooks. The application fails to verify user permissions properly, enabling guests to view, join, edit, export, and archive these playbooks despite not having the necessary authorization. This issue exposes sensitive information and could lead to unintended modifications, potentially causing significant consequences in organizational workflows.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apple (iPhone OS)
MacOS
iPadOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sbNBAu
https://www.cve.org/CVERecord?id=CVE-2023-4106
https://nvd.nist.gov/vuln/detail/CVE-2023-4106

Back to Vulnerability Database