CVE-2023-5876

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 400

Summary

CVE-2023-5876 is a vulnerability affecting Mattermost, a popular open-source team communication platform. The issue arises from Mattermost's failure to adequately validate Regular Expressions constructed from the server URL path. This weakness grants an attacker controlling an enrolled server the ability to execute a Denial of Service attack. By manipulating the regex, they can trigger excessive resource consumption, consequently causing the service to become unavailable for intended users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share