cbcvebase.
CVE-2019-20843
published 2020-06-19

CVE-2019-20843: An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.

high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files.

Affected

5 ranges
VendorProductVersion rangeFixed in
mattermostmattermost_server< 5.9.75.9.7
mattermostmattermost_server
mattermostmattermost_server>= 5.15.0 < 5.15.45.15.4
mattermostmattermost_server>= 5.16.0 < 5.16.45.16.4
mattermostmattermost_server>= 5.17.0 < 5.17.25.17.2

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv6.8MEDIUM