Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Team associated AD/LDAP Groups Leaked due to missing authorization
Vulnerability Description
Mattermost fails to properly authorize the requests fetching team associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team that they are not a member of.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Mattermost 安全漏洞
Vulnerability Description
Mattermost是美国Mattermost公司的一个开源协作平台。 Mattermost存在安全漏洞,该漏洞源于无法正确授权获取与团队相关的AD/LDAP组的请求,从而导致攻击者可以获取其成员的团队的AD/LLDAP组的详细信息。受影响的产品和版本:Mattermost 9.4.2之前的9.4.0版本,9.3.1之前的9.3.0版本,9.2.52之前的9.2.0版本,8.1.9之前版本。
CVSS Information
N/A
Vulnerability Type
N/A