Mattermost Server vulnerabilities

CVE-2018-21251 [CRITICAL] CWE-862 CVE-2018-21251: An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed i An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.

CVE-2017-18912 [CRITICAL] CWE-22 CVE-2017-18912: An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. It allows an attacker t An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. It allows an attacker to specify a full pathname of a log file.

CVE-2017-18888 [CRITICAL] CWE-89 CVE-2017-18888: An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.

CVE-2016-11074 [CRITICAL] CWE-287 CVE-2016-11074: An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused. An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.

CVE-2017-18908 [CRITICAL] CWE-287 CVE-2017-18908: An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset reque An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometime sent to an attacker-provided e-mail address.

CVE-2017-18920 [CRITICAL] CVE-2017-18920: An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the An issue was discovered in Mattermost Server before 3.6.2. The WebSocket feature does not follow the Same Origin Policy.

CVE-2019-20888 [HIGH] CWE-401 CVE-2019-20888: An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attacke An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service (memory consumption) via an outgoing webhook or a slash command integration.

CVE-2020-14450 [HIGH] CVE-2020-14450: An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers t An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017.

CVE-2018-21248 [HIGH] CWE-522 CVE-2018-21248: An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous a An issue was discovered in Mattermost Server before 5.4.0. It mishandles possession of superfluous authentication credentials.

CVE-2020-14458 [HIGH] CVE-2020-14458: An issue was discovered in Mattermost Server before 5.19.0. Attackers can discover private channels An issue was discovered in Mattermost Server before 5.19.0. Attackers can discover private channels via the "get channel by name" API, aka MMSA-2020-0004.

CVE-2020-14453 [HIGH] CWE-345 CVE-2020-14453: An issue was discovered in Mattermost Server before 5.21.0. Socket read operations are not appropria An issue was discovered in Mattermost Server before 5.21.0. Socket read operations are not appropriately restricted, which allows attackers to cause a denial of service, aka MMSA-2020-0005.

CVE-2017-18871 [HIGH] CVE-2017-18871: An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attack An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, 4.3.4, and 4.2.2. It allows attackers to cause a denial of service (application crash) via an @ character before a JavaScript field name.

CVE-2020-14448 [HIGH] CWE-835 CVE-2020-14448: An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow a An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of service (infinite loop), aka MMSA-2020-0020.

CVE-2019-20845 [HIGH] CWE-770 CVE-2019-20845: An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of service (memory consumption) via a large Slack import.

CVE-2017-18909 [HIGH] CWE-295 CVE-2017-18909: An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signatur An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory.

CVE-2019-20858 [HIGH] CWE-400 CVE-2019-20858: An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of service (CPU consumption) via crafted characters in a SQL LIKE clause to an APIv4 endpoint.

CVE-2017-18906 [HIGH] CWE-287 CVE-2017-18906: An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OA An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. An attacker could claim somebody else's account.

CVE-2017-18886 [HIGH] CWE-732 CVE-2017-18886: An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of r An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows a bypass of restrictions on use of slash commands.

CVE-2019-20854 [HIGH] CVE-2019-20854: An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a de An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a denial of service (client-side application crash) via a LaTeX message.

CVE-2019-20863 [HIGH] CVE-2019-20863: An issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properl An issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properly restricted.