Miggo Logo
Miggo Vulnerability Database
CVE-2023-5193

CVE-2023-5193: Mattermost Incorrect Authorization vulnerability

2.7

CVSS Score
3.1

Basic Information

CVE ID
CVE-2023-5193
GHSA ID
GHSA-h8wh-f7gw-fwpr
EPSS Score
0.33326%
CWE
CWE-863
Published
9/29/2023
Updated
11/7/2023
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
github.com/mattermost/mattermost/server/v8go= 8.1.08.1.1
github.com/mattermost/mattermost/server/v8go>= 8.0.0, < 8.0.28.0.2
github.com/mattermost/mattermost-server/v6go< 7.8.107.8.10

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

M*tt*rmost **ils to prop*rly ****k p*rmissions w**n r*tri*vin* * post *llowin* *or * Syst*m Rol* wit* t** p*rmission to m*n*** ***nn*ls to r*** t** posts o* * *M *onv*rs*tion.

Reasoning

No *n*lysis *v*il**l*