CVE-2023-5195

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 29, 2023

Updated: Oct 3, 2023

CWE ID 89

Summary

CVE-2023-5195 is a vulnerability affecting the Mattermost team collaboration platform. The issue arises due to insufficient permission validation during the soft deletion of teams. This allows a team member to inappropriately delete teams that they are not authorized to access, posing a significant security risk. The consequence of this vulnerability could lead to unintended data loss or unauthorized access to sensitive information within the affected Mattermost environment. Organizations using Mattermost are strongly encouraged to apply the available patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t7TikB
https://www.cve.org/CVERecord?id=CVE-2023-5195
https://nvd.nist.gov/vuln/detail/CVE-2023-5195

Back to Vulnerability Database

CVE-2023-5195

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations