CVE Details: CVE-2023-5159

Description

Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots.

Published Date: 2023-09-29
Last Modified Date: 2023-10-03
Severity: LOW
CVSS v3 Score: 2.7
CWE ID: CWE-863
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

Back to CVE List