4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-45223

GHSA ID

GHSA-p5pr-vm3j-jxxf

EPSS Score

0.50382%

CWE

CWE-200

Published

11/27/2023

Updated

11/28/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-45223

CVE-2023-45223: Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Mattermost fails to properly validate the "Show Full Name" option in a few endpoints in Mattermost Boards, allowing a member to get the full name of another user even if the Show Full Name option was disabled.

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-45223

GHSA ID

GHSA-p5pr-vm3j-jxxf

EPSS Score

0.50382%

CWE

CWE-200

Published

11/27/2023

Updated

11/28/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/mattermost/mattermost/server/v8	go	< 8.1.4	8.1.4
github.com/mattermost/mattermost-server/v6	go	< 7.8.13	7.8.13

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

M*tt*rmost **ils to prop*rly v*li**t* t** "S*ow *ull N*m*" option in * **w *n*points in M*tt*rmost *o*r*s, *llowin* * m*m**r to **t t** *ull n*m* o* *not**r us*r *v*n i* t** S*ow *ull N*m* option w*s *is**l**.

Reasoning

No *n*lysis *v*il**l*

4.3

Basic Information

Concerned about an active attack path?

CVE-2023-45223: Mattermost Exposure of Sensitive Information to an Unauthorized Actor vulnerability

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI