CVE-2017-18916
published 2020-06-19CVE-2017-18916: An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integration permission restriction.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. API endpoint access control does not honor an integration permission restriction.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | mattermost_mattermost-server | >= 0 < 3.6.7-0.20170420152529-0968e4079e0a | 3.6.7-0.20170420152529-0968e4079e0a |
| github.com | mattermost_mattermost-server | >= 3.7.0 < 3.7.5 | 3.7.5 |
| github.com | mattermost_mattermost-server | >= 3.7.0+incompatible < 3.7.5+incompatible | 3.7.5+incompatible |
| github.com | mattermost_mattermost-server | >= 3.8.0 < 3.8.2 | 3.8.2 |
| github.com | mattermost_mattermost-server | >= 3.8.0+incompatible < 3.8.2+incompatible | 3.8.2+incompatible |
| mattermost | mattermost_server | < 3.6.7 | 3.6.7 |
| mattermost | mattermost_server | >= 3.7.0 < 3.7.5 | 3.7.5 |
| mattermost | mattermost_server | >= 3.8.0 < 3.8.2 | 3.8.2 |