CVE-2023-4106

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 11, 2023
Updated: Aug 15, 2023
CWE ID 120

Summary

CVE-2023-4106 is a vulnerability affecting Mattermost that allows guests to bypass access restrictions on public playbooks. The application fails to verify user permissions properly, enabling guests to view, join, edit, export, and archive these playbooks despite not having the necessary authorization. This issue exposes sensitive information and could lead to unintended modifications, potentially causing significant consequences in organizational workflows.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apple (iPhone OS)
  • MacOS
  • iPadOS

Affected Vendors

  • Apple