CVE-2023-48268

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 27, 2023

Updated: Dec 1, 2023

CWE ID 400

Summary

CVE-2023-48268 is a vulnerability affecting Mattermost that allows an attacker to consume excessive resources through a specially crafted zip file during board import in Mattermost Boards. By importing such a file, an attacker can cause a Denial of Service condition due to the failure of Mattermost to limit the amount of data extracted from the archive.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mattermost
Mattermost Mattermost

Affected Vendors

Mattermost, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/thIQ5_
https://www.cve.org/CVERecord?id=CVE-2023-48268
https://nvd.nist.gov/vuln/detail/CVE-2023-48268

Back to Vulnerability Database