CVE-2023-5876
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 400
Summary
CVE-2023-5876 is a vulnerability affecting Mattermost, a popular open-source team communication platform. The issue arises from Mattermost's failure to adequately validate Regular Expressions constructed from the server URL path. This weakness grants an attacker controlling an enrolled server the ability to execute a Denial of Service attack. By manipulating the regex, they can trigger excessive resource consumption, consequently causing the service to become unavailable for intended users.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Mattermost, Inc.