CVE-2017-18909
published 2020-06-19CVE-2017-18909: An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.8.1-0.20170504181128-4f074fed0d65 | 3.8.1-0.20170504181128-4f074fed0d65 |
| mattermost | mattermost_server | < 3.9.0 | 3.9.0 |